Adam Gavish, co-founder and CEO at DoControl, added that when one considers the upswing in multi-cloud adoption across all major cloud categories (ie. IaaS, PaaS, and SaaS), it’s not surprising that organizations are struggling to reduce the noise of false positives.
“It’s like finding anomalies in an environment that is fundamentally anomalous,” he said. “Cloud security in this landscape is becoming more and more decentralized, and the more decentralized your cloud estate is, the more false positives you are likely to experience.”
Meanwhile, 85% of survey respondents said that they experienced an increased workload due to the shifts in working models, including remote workers, and nearly seven in 10 said the change in working models made it more difficult to keep company resources secure.
Gavish agreed there is also the challenge of IT and security teams being stretched thin, pointing to the acute shortage of cybersecurity professionals in the market.
“The hasty changes that were made to support remote work on the heels of the pandemic adds even more complexity,” he said. “All of these swirling issues coupled together create significant challenges for businesses leveraging cloud.”
From his perspective, the more an organization can centralize security solutions across disparate cloud technologies, the more likely it is that organization can successfully prevent and report on the issues that present a material risk to the business.
“We are seeing this in the merging of mature sectors like CASB, DLP and SSPM, with newer point solutions that provide centralization in a more lightweight offering,” he said.
Gavish explained this not only improves security in the general sense, but it also creates operational efficiencies for the IT and security teams.
“They can now focus their attention on more mission-critical tasks than having to sift through the haystack of false positives,” he said.