79%
Question consistent cloud security policy
enforcement
56%
Lack of security expertise and
resources
48%
Operational complexity and
multi-cloud support
THE HEAD SCRATCH-WORTHY
Then, there were a mul tude of answers that did li le to ins ll confidence in the urgency and vigilance
associated with making cloud infrastructure secure.
• A mere 8% of respondents say they have implemented
highly opera onalized cloud security prac ces when
spinning up new compute resources and environments
• Only 6% of respondents say that their companies
automa cally build security into every workload up front
and orchestrate processes across every cloud so that
developers don't have to worry about remembering to
build security in themselves
• Only 3% of respondents consistently leverage "immutable
infrastructure" as a security measure, whereby cloud
resources are automa cally destroyed and rebuilt every
set number of days
And if all of that wasn't enough, 72% of respondents admit their companies moved to the cloud and
mul -cloud without properly understanding the skills, maturity curve, and complexi es of making
it all work securely.
Rela ve to specific cloud security concerns, respondents cited the following –
• 79% ques on whether their companies apply consistent
cloud security policy enforcement
• 56% point to a lack of mul -cloud and cloud security
exper se and resources; and
• 48% count opera onal complexity and mul -cloud
support as key concerns.
And if that weren't enough, 69% of respondents say their developers spend less than a single hour per
week ensuring the cloud resources they provision are secure.
2
CloudBolt Industry Insights Report:
"Sometimes, Somewhat" Security –
A Disconcerting Look at the Reality of Hybrid Cloud/Multi-Cloud Vulnerabilities
68% of respondents said their companies' security skill sets across all clouds was only
"Somewhat Mature"; another 20% were "Neutral" – not exactly resounding assurance.
72%
72% admit their companies
moved to the cloud without
proper understanding
