A new study on the current state of cloud-native security found that a considerable number of cloud adopters do not understand the security risks of moving legacy applications to the cloud, opening themselves to a number of cloud-based attacks.
The study conducted by cybersecurity firm, Venafi, surveyed 800 security and IT leaders in organizations spanning four countries — the US, the UK, Germany, and France. The study was performed to examine the top threats and challenges currently facing cloud-native security.
“Application development teams are moving faster and faster to keep their businesses in the lead, turning to strategies like containerization and micro-services, which have made rapid-fire application enhancements a reality,” said the Venafi report. “In many cases, cloud-native security is lagging behind, and there is little clarity on who should own the security function within engineering, platform, and development teams.”
The report noted that this lack of clarity is a huge problem when it comes to securing machine identities — the authenticators that secure communications and connections within a cluster of containers — as they serve as the foundation of cloud-native security.
“Despite their relative importance, the application of machine identities in cloud-native implementations — such as service meshes, software supply chain security, and code signing of development artifacts — is often misunderstood,” the report added.
Rushed cloud adoption has cost and security implications
The respondents in the study revealed they are rapidly shifting to the cloud to do away with the lengthy application development and release cycles as they can’t afford to wait around for critical new features. Eighty-seven percent of the respondents said they have moved their legacy applications to the cloud.