In order to gain insight into how public cloud computing services are impacting network security strategies, ESG surveyed 255 cybersecurity and IT/information security professionals at organizations in North America (US and Canada) familiar with their organization’s network security tools and processes and responsible for evaluating, purchasing, and/or operating corporate network security controls across public cloud infrastructure and on-premises data centers/private cloud.
This study sought to answer the following questions:
- How difficult is operating public cloud infrastructure compared to two years ago? What are the greatest challenges organizations face when it comes to public cloud security?
- What tools do organizations currently use to protect their public cloud infrastructure environment?
- What are the biggest reasons organizations use security groups or network firewalls from cloud security providers?
- How difficult is on-premises data center/private cloud security compared to two years ago? What are the greatest challenges organizations face when it comes to public cloud infrastructure security?
- What are the most important attributes when it comes to on-premises data center/private cloud network security tools?
- How do organizations view hybrid cloud models?
- What are the biggest challenges with respect to supporting applications spanning public cloud infrastructure and on-premises data center infrastructure?
- How often do organizations evaluate their network security tools for public cloud and on-premises data center/private cloud infrastructure?
- Do organizations spend more on public cloud infrastructure or on on-premises data center/private cloud security? How will security spending change in the next 24 months?
- What groups are responsible for the security processes, policies, and technologies associated with protecting the organization's public cloud infrastructure and on-premises data center/private cloud? How is their day-to-day collaboration characterized? How willing are they to invest in and support public cloud security initiatives?
- Do organizations use microsegmentation today? How will this change 24 months from now? How will organizations employ microsegmentation? Why would organizations not use microsegmentation more widely?
- How often are security incidents a result of encrypted traffic? What is the most attractive method of encrypted traffic visibility?
Survey participants represented a wide range of industries including manufacturing, financial services, retail, healthcare, and technology. For more details, please see the Research Methodology and Respondent Demographics sections of this report.