To capture the minds of CISOs and CIOs in Asia-Pacific, my company recently asked Frost & Sullivan to take a snapshot of cloud adoption behavior in the region.
The survey of more than 300 executives in A/NZ, Singapore, and Japan shows that cloud adoption is rapidly growing as organizations undergo digital transformation to address the rapidly changing business environment.
For cloud adoption, 53% of respondents have more than half of their workloads in the cloud, while 45% of cloud users consider themselves cloud-native, and 60% have 11-20 applications in the cloud.
The majority (56%) of respondents prefer a hybrid cloud approach. In general, they want more granular control and visibility of their networks. In multi-cloud, the most popular (61%) number of cloud service providers
in use for multi-cloud organizations is two.
Cloud accountability and security always come first. Infrastructure-as-a-Service (IaaS) is a cloud service framework to access cloud computing, storage, and networking on demand. In IaaS models, the CSP
is solely responsible for physical security and shares with the customer responsibility for host infrastructure and network controls.
Regarding security, 72% of cloud users in APAC have not secured all their cloud workloads, while 63% of respondents have experienced at least one incident in the past year.
Container traffic visibility is the most important functional area for deploying network-based security and analytics. About 68% of respondents refresh their security tools every three to four years.
The primary concern for cloud security is detecting and responding to network threats. Organizations are looking to see north-south and east-west traffic across their networks.
Network Challenges
Respondents indicated that their top five network visibility challenges are: 1. High cost of network traffic sent to tools, inability to aggregate optimized traffic and route to appropriate agencies, difficulties in scaling network visibility, and the failure to transfer traffic between virtual machines and containers. 2. Ransomware on cloud workloads: The increasing frequency of ransomware attacks can cost organizations millions if not properly protected. 3. Cryptocurrency Mining: Cloud crypto jacking would not only mean the theft of computer resources but also compromise the communication service provider (CSP). 4. Host Malware on Cloud Resources: CSPs have knowingly hosted malware in their cloud storage that could compromise the resources of other cloud tenants. 5. Data Exfiltration: Insufficient protection on the part of the CSP can lead to costly data exfiltration of sensitive data stored in the cloud.
A breakdown of how organizations use the cloud shows that 23% use a multi-cloud approach, and 93% plan to deploy a third-party network-based cloud security solution within 12 months.
89% prefer using an observation tool to monitor on-prem/cloud workloads, while 61% seek to streamline all cloud traffic without compromising reliability.
The most popular approach for managing security across multiple clouds is to cover some, but not all, cloud workloads. This means that many cloud workloads are still potentially exposed to threats.
Our research found that only 28% of organizations secure cloud workloads for all cloud vendors and environments. In comparison, 48% secure cloud workloads for some cloud vendors and settings, and 23% have a third party responsible for securing cloud workloads.
About 61% can streamline all cloud traffic without compromising reliability, and 47% have 101-1000 virtual machines in the cloud.
Visibility is key
91% of respondents say network traffic visibility is critical when considering cloud security tools.
Organizations need to see their entire threat surface to protect it and find a way to streamline cloud traffic without sacrificing data reliability. Protection between deployments is critical, and monitoring should be able to cover all assets regardless of deployment.
According to the F&S survey, 89% of respondents currently have existing tools that monitor both on-premise and cloud environments. They place the utmost importance on minimizing and eliminating device- or vendor-specific agent implementations.
Maximize efficiency
The most common challenge respondents face when managing their cloud workloads is the high cost of network traffic. Zero trust is seen as the most crucial emerging cybersecurity concept. Organizations will need to evaluate future-ready potential security solutions and how well they fit into existing environments before purchasing.
The most common challenge respondents face when managing their cloud workloads is the high cost of network traffic. Zero trust is seen as the most crucial emerging cybersecurity concept. Companies need to evaluate how future-proof potential security solutions are and how well they fit into existing environments before purchasing.
Ideally, they should look for a deep observation pipeline that leverages actionable network-level intelligence to amplify the power of their observation tools to manage hybrid and multi-cloud infrastructures.
Such a solution would provide the control needed to simplify the deployment of workloads to the hybrid cloud. It must be able to extend on-prem and cloud-based tools to maintain security and compliance while applying the context of network and application data for consistent observation.
Finally, the solution must provide in-depth observation of data in motion across on-premises, virtual and public clouds and the tools used to secure and manage them.