- Tool proliferation and visibility gaps are blocking companies from good security postures, the report says
- About two out of three agree that they prefer a unified security platform
- Consolidation and automation are two of Fortinet’s five recommendations
A new Fortinet report has confirmed that the cloud is now considered mission-critical for most companies, supporting many operations and their AI strategies – but it also comes with its drawbacks.
For example, the cloud has massively expanded the attack surface beyond the scope of legacy cybersecurity tools.
As a result, more than two-thirds (69%) now blame tool proliferation and visibility gaps for creating cloud security barriers, and a similar number (66%) also admit they are not highly confident in their ability to detect and respond to cloud threats in real-time, marking an increase compared to the same data from a year ago.
To further compound the increased attack surface, 88% of organizations use hybrid or multi-cloud environments, and 81% use two or more providers, which only adds to the complexity and risk.
As for the current state of cloud-focused security, automation mostly serves as an alerting tool, with only 11% having autonomous remediation. Three in five (59%) companies rate their maturity as ‘early stage’, with some of the biggest risks identified across identity and access (77%), misconfigurations (70%) and data exposure (66%).
Clearly, money is not the issue, as more than half (62%) expect cloud security budgets to increase, compared to just 5% who expect it to decrease. In fact, a not insignificant 34% of IT security budgets are allocated to cloud security on average.
What Fortinet is calling for is the simplification of tools – 64% agree that they prefer a unified security platform rather than stitching together multiple tools.
Looking ahead, Fortinet offers five key principles to improve the state of multi-cloud security: establishing unified visibility across all accounts, data stores and workloads; tool consolidation; linking multiple risk domains rather than treating each element in isolation; adding a layer of automation to solve low-risk, high-volume problems; and extends security beyond the cloud to networks, SaaS and endpoints.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
