- 69% of companies admit they knew about breaches or exposures due to variations in multi-cloud security configurations
- 70% of companies are not confident in their ability to apply consistent security across on-premise and multi-cloud environments
- Less than half of organizations trust their security staff to maintain a strong security posture
Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, today released its new report, Application Security in a Multi-Cloud World. The survey, which was conducted with Osterman Research, reveals that organizations continue to struggle to achieve consistent, high quality application security across hybrid and multi-cloud environments.
“While many organizations are running multiple tools to secure applications across an increasing number of cloud environments, according to our report, 70% of them are not confident in their ability to achieve consistent, quality protection. It’s a major problem that’s exposing companies to inherent security risks — and they recognize it,” said Haim Zelikovsky, vice president of cloud security services at Radware. “Combined with the eroding trust in public cloud security and cyber security staff, skilled talent shortages, and lack of visibility across cloud environments, you have a perfect storm for data breaches. It’s a wake-up call for organizations to change how security is managed so applications are protected at the highest level, regardless of where they are running.”
Multi-Cloud Usage is Rapidly Scaling Up
Survey respondents indicated that their adoption of multiple cloud services was most frequently driven by forces outside of the IT department, including business groups and shadow IT services. Currently, 58% of organizations deploy applications on two or more public cloud environments. Within the next 12 months, this figure is expected to rise to 63%.
Almost All Organizations are Hybrid
While cloud-native and cloud-only approaches are often heralded as the way of the future, they remain a niche approach. On-premise data centers and private cloud environments continue to host a significant proportion of applications.
- While usage of on-premise hardware data centers is gradually declining, over 80% of organizations still use them for some of their applications.
- Nearly all (98%) organizations combine at least two types of infrastructure, including on-premise data centers, and private cloud and public cloud platforms.
- Currently 45% of organizations deploy applications in a hardware data center, on a private cloud, and on at least two public clouds.
The Number of Security Tools Being Used is Increasing
As organizations juggle a changing mix of cloud platforms, the requirement for cloud security tools that offer consistent controls, policy, and visibility is becoming increasingly important.
- According to the survey, 49% of organizations use two or more cloud security tools.
- Three out of four (75%) respondents use a public cloud WAF and one out of two (50%) use a CDN-based WAF.
The Quality of Security and Visibility is in Jeopardy
The quality of multi-cloud protection is proving insufficient across a range of dimensions, creating inconsistencies and gaps that can be weaponized in cyber attacks.
- 70% of respondents are not confident in their ability to apply consistent and robust security across on-premise and multi-cloud platforms.
- 69% of respondents admit that they knew about data breaches or exposures due to variations in how application security was configured across different public cloud platforms.
- Respondents reported quality of protection of cloud applications (51%) as well as unified visibility (49%) and application protection coverage (38%) across multiple environments as problems or extreme problems.
Trust in Cloud Security is Declining
Lack of trust in the efficacy of multi-cloud security tools and security staff is making it even more difficult for organizations to protect themselves from threats that are increasing in frequency and intensity.
- Nearly two thirds (64%) of respondents indicated that they do not trust the security protections offered by public cloud platforms, compared to half of respondents a year ago.
- Less than half (45%) of organizations indicate they completely trust their security staff to configure and maintain a strong application security posture across the public cloud platforms they currently use for hosting applications.
The survey includes responses from senior network security, DevOps and DevSecOps administrators, vice presidents of research and development, and application architects, among other security roles. The survey was conducted in 10 countries across North America, EMEA, APAC and LATAM.
The complete Application Security in a Multi-Cloud World report can be downloaded here. Other resources include:
Radware® (NASDAQ: RDWR) is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down. For more information, please visit the Radware website.
Radware encourages you to join our community and follow us on: Facebook, LinkedIn, Radware Blog, Twitter, YouTube, and Radware Mobile for iOS and Android.
©2022 Radware Ltd. All rights reserved. Any Radware products and solutions mentioned in this press release are protected by trademarks, patents, and pending patent applications of Radware in the U.S. and other countries. For more details, please see: https://www.radware.com/LegalNotice/. All other trademarks and names are property of their respective owners.
THIS PRESS RELEASE AND THE RADWARE APPLICATION SECURITY IN A MULTI-CLOUD WORLD REPORT ARE PROVIDED FOR INFORMATIONAL PURPOSES ONLY. THESE MATERIALS ARE NOT INTENDED TO BE AN INDICATOR OF RADWARE'S BUSINESS PERFORMANCE OR OPERATING RESULTS FOR ANY PRIOR, CURRENT, OR FUTURE PERIOD.
Radware believes the information in this document is accurate in all material respects as of its publication date. However, the information is provided without any express, statutory, or implied warranties and is subject to change without notice.
The contents of any website or hyperlinks mentioned in this press release are for informational purposes and the contents thereof are not part of this press release.
Safe Harbor Statement
This press release includes “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995. Any statements made herein that are not statements of historical fact, including statements about Radware’s plans, outlook, beliefs, or opinions, are forward-looking statements. Generally, forward-looking statements may be identified by words such as “believes,” “expects,” “anticipates,” “intends,” “estimates,” “plans,” and similar expressions or future or conditional verbs such as “will,” “should,” “would,” “may,” and “could.” Because such statements deal with future events, they are subject to various risks and uncertainties, and actual results, expressed or implied by such forward-looking statements, could differ materially from Radware’s current forecasts and estimates. Factors that could cause or contribute to such differences include, but are not limited to: the impact of global economic conditions and volatility of the market for our products; natural disasters and public health crises, such as the coronavirus disease 2019 (COVID-19) pandemic; a shortage of components or manufacturing capacity could cause a delay in our ability to fulfill orders or increase our manufacturing costs; our business may be affected by sanctions, export controls, and similar measures, targeting Russia and other countries and territories, as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national businesses across a variety of industries; our ability to successfully implement our strategic initiative to accelerate our cloud business; our ability to expand our operations effectively; timely availability and customer acceptance of our new and existing solutions; risks and uncertainties relating to acquisitions or other investments; the impact of economic and political uncertainties and weaknesses in various regions of the world, including the commencement or escalation of hostilities or acts of terrorism; intense competition in the market for cyber security and application delivery solutions and in our industry in general, and changes in the competitive landscape; changes in government regulation; outages, interruptions, or delays in hosting services or our internal network system; compliance with open source and third-party licenses; the risk that our intangible assets or goodwill may become impaired; our dependence on independent distributors to sell our products; long sales cycles for our solutions; changes in foreign currency exchange rates; undetected defects or errors in our products or a failure of our products to protect against malicious attacks; the availability of components and manufacturing capacity; the ability of vendors to provide our hardware platforms and components for our main accessories; our ability to protect our proprietary technology; intellectual property infringement claims made by third parties; changes in tax laws; our ability to realize our investment objectives for our cash and liquid investments; our ability to attract, train, and retain highly qualified personnel; and other factors and risks over which we may have little or no control. This list is intended to identify only certain of the principal factors that could cause actual results to differ. For a more detailed description of the risks and uncertainties affecting Radware, refer to Radware’s Annual Report on Form 20-F, filed with the Securities and Exchange Commission (SEC), and the other risk factors discussed from time to time by Radware in reports filed with, or furnished to, the SEC. Forward-looking statements speak only as of the date on which they are made and, except as required by applicable law, Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware’s public filings are available from the SEC’s website at www.sec.gov or may be obtained on Radware’s website at www.radware.com.