At the end of last year, Valtix released our first annual 2022 Multi-Cloud Security Report based on an independent research survey of 200 IT leaders. Since then, the feedback we’ve received from customers has been outstanding with a variety of cloud security leaders leveraging it to support their 2022 planning decisions. If you haven’t already downloaded your copy, you can do so here.
Beyond being interesting, many of the report’s findings and statistics on multi-cloud security were quite surprising. Here are the five findings that stood out:
- 94% will be multi-cloud within two years
- 72% customize cloud security strategy per cloud
- 82% say cloud security complexity freezes businesses
- The cloud is just another datacenter (75%), but cloud security is different (89%)
- Multi-Cloud security is a priority and necessity at 97% of organizations …but it’s underinvested at 76% of companies
Surprise #1: 94% will be multi-cloud within two years
There have been many surveys about the multi-cloud trend—nothing new there. However, what really drew my attention about our results is just how many organizations will be going multi-cloud by 2024. According to our research, 62% of participants were multi-cloud today. Interestingly, of those who were single cloud today, 84% stated they will be multi-cloud within two years.
That’s 94% of the 200 IT leaders surveyed in total. The trend is clear; if it wasn’t before, nearly every company needs to consider its multi-cloud strategy in 2022, and security is right at the center of that.
Surprise #2: 72% customize cloud security strategy per cloud
According to the research, 72% of IT leaders say their cloud security strategy is different for each cloud provider. I’m not sure why, but I expected to see more organizations already taking a multi-cloud security approach. As an industry, we’ve been on the cloud computing journey for well over a decade with an estimated $120B spent in IaaS this year.
Given some of the early statistic about multi-cloud adoption, it seems the underlying security architecture issue has dragged out. In 2022, this single cloud security mindset must give way to a multi-cloud security mindset. Otherwise, security will inevitably become a drag on the business.
Surprise #3: 82% say cloud security complexity freezes businesses
What’s surprising about this one for me is this: IT priority is driven by business priority. Typically, IT leaders are very quick to make changes in the face of business requirements. What’s so different in the case of cloud security? Why aren’t more leaders reacting to this business agility challenge?
Unfortunately, I think the other aspect is how many teams are even bypassing or minimizing security controls in the cloud just because security adds time and overhead counter to their needs.
Surprise #4: The cloud is just another datacenter (75%), but cloud security is different (89%)
The next one isn’t one statistic about cloud security, but rather two statistics. From my perspective, these stats highlight a bit of a contradiction regarding how IT leaders view the cloud.
- Stat #1 – 75% of IT leaders see cloud as being an extension of their existing datacenter.
- Stat #2 – 89% of IT leaders see cloud security to be different than on-premises approach
Let me get this straight, most view the cloud as an extension of their datacenter, but almost the same portion view cloud security as different? What I think these diverging stats highlight is an interesting dynamic. IT leaders WANT to view the cloud as just another datacenter, but they REALIZE that it’s not the same – at least when it comes to security.
The rub here is, how do they solve this tension? Do they invest more money into making on-prem tools work in the cloud in the name of “hybrid cloud”? Or do they thoughtfully analyze the differences and determine where cloud-native solutions make more sense? Have they created multi-cloud security operating model and architecture that enables them to accomplish their security objectives while minimizing operational redundancies with the cloud?
I’ve heard from many cloud security leaders that 2022 might be the year of thoughtful rationalization of tools in the cloud to choose the best model to blend cloud-native with hybrid cloud consistency.
Surprise #5: Multi-Cloud security is a priority and necessity at 97% of organizations, …but it’s underinvested at 76% of companies
Probably the biggest and most surprising result from the Multi-Cloud Security report was the difference between the perception of multi-cloud security priority and the reality of implementation. This is a huge indicator that we’re on the cusp of a shift.
The problem is understood.
The business priority is clear.
Now, leaders have the challenging task in the coming year of how to navigate a complex and quickly evolving landscape of multi-cloud security tools.
Who will be the winners and losers?
What platforms will emerge?
For Valtix, we’re all about protecting cloud workloads across every major provider and every infrastructure type. We eliminate the operational complexities of managing different cloud services, appliances, or agents in favor of consolidated multi-cloud policy management (Dynamic Multi-Cloud PolicyTM). We rationalize multi-cloud security into a single platform that helps address the gap between strategy and multi-cloud security investment.