Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).
Concerns Rise as Organizations Struggle to Operationalize Cloud Security
July 10, 2023
Companies are increasingly embracing the power and agility of cloud-based solutions, with more than 20% of their workloads running in the cloud today, with plans to grow more than 50% in the next 18 months. With this accelerated cloud adoption comes inherent challenges and apprehension, as Check Point's 2023 Cloud Security Report reveals. As a result, 76% of organizations are apprehensive about cloud security, and cloud-based attacks are increasing at an alarming rate.
The greatest security attack threat is cloud misconfigurations, with a quarter of the respondents stating that they have already succumbed to a public cloud security incident due to a misconfiguration. In addition, the survey found that cloud misconfiguration was seen as the primary risk by 60% of the participants.
The 2023 Cloud Security Report results also show that organizations are still dealing with fundamental cloud security challenges. For instance, 58% of organizations need help to deploy and manage a complete solution across all cloud environments, 52% struggle to ensure data protection and privacy, and 49% struggle to understand how different security solutions fit together. A real cause for concern is that an overwhelming 43% of organizations need to access three to four separate security solutions to configure the policies that secure their enterprise's cloud footprint.
One potential solution to these challenges is the consolidation of security policies, operations, and responsibilities into a single platform. With only 20% of respondents having a comprehensive DevSecOps process in place, it is clear that more organizations should implement a developer-centric approach that enforces security policies throughout the software development lifecycle. This prevents developers from creating friction in the development process while securing the system effectively.
A developer-centric approach is a paradigm shift from the traditional top-down approach that separates developers from security operations. This approach requires developers to have the necessary context to identify, prioritize, and remediate security risks within the software supply chain. To make this a reality, better-integrating features such as code scanning, effective risk management, and CIEM are essential building blocks for mitigating risk and employing zero trust across the board.
Moving forward, we expect to see the expansion of comprehensive DevSecOps processes in organizations, with developers taking active roles in decisions about what technologies are used to implement security control requirements and standards. More than 40% of DevOps engineers are already being held accountable for technical changes to systems that are required to remediate security and compliance, according to the report.
By embracing a CNAPP platform approach and devoting resources to automation, scaling, and risk management, organizations can achieve the full life cycle protection requirements of cloud-native applications from development to production.
Industry News
December 19, 2024
December 19, 2024
Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.
December 18, 2024
Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.
December 18, 2024
Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.
December 17, 2024
Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.
December 17, 2024
Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.
December 17, 2024
Kindo formally launched its channel partner program.
December 16, 2024
Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.
December 16, 2024
Fastly announced the general availability of Fastly AI Accelerator.
December 12, 2024
Amazon Web Services (AWS) announced the launch and general availability of Amazon Q Developer plugins for Datadog and Wiz in the AWS Management Console.
December 12, 2024
vFunction released new capabilities that solve a major microservices headache for development teams – keeping documentation current as systems evolve – and make it simpler to manage and remediate tech debt.
December 11, 2024
Check Point® Software Technologies Ltd. announced that Infinity XDR/XPR achieved a 100% detection rate in the rigorous 2024 MITRE ATT&CK® Evaluations.
December 11, 2024
CyberArk announced the launch of FuzzyAI, an open-source framework that helps organizations identify and address AI model vulnerabilities, like guardrail bypassing and harmful output generation, in cloud-hosted and in-house AI models.
December 11, 2024
Grid Dynamics announced the launch of its developer portal.
December 10, 2024
LTIMindtree announced a strategic partnership with GitHub.
