Study examines application connectivity security in the cloud

Companies encountering numerous pain points as they seek to manage application connectivity security and risk.

  • 1 year ago Posted in

The Cloud Security Alliance (CSA)  has released its report ‘Deconstructing Application Connectivity Challenges in a Complex Cloud Environment’. The survey, conducted in partnership with AlgoSec, a global cybersecurity leader in securing application connectivity, sought to better understand the industry’s knowledge, attitudes, and opinions regarding application connectivity security in the cloud.

“Increasingly, organizations are taking advantage of SaaS applications to the point where application security has become an integral part of many organizations' security strategies. Despite their growing prevalence, organizations are still faced with a host of pain points when it comes to application connectivity security and risk management,” said Hillary Baron, Senior Technical Director for Research, Cloud Security Alliance, and a lead author of the report.

Among the key findings:

Managing risk for application connectivity is a complicated task. Lacking a single source of truth, organizations are trying to use multiple methods to get similar information: 53 percent of respondents reported using a cloud provider’s assessment service; 50 percent use a third-party cloud-only tool, another 45 percent use a generic risk or vulnerability assessment tool, and 32 percent use a third-party hybrid network security tool.

Managing application connectivity risks in the deployment process is changing. Traditional security teams are responsible for identifying and mitigating risk and this still holds true for 42 percent of organizations. However, there is a shift happening: Thirty-two percent of organizations utilize infrastructure as code with embedded security checks, suggesting organizations are beginning to use more automation, leaving less room for human error.

Human error leads to significant application downtime. Nearly 75 percent of organizations have experienced an application outage in the past 12 months, and for over half (52%) of the outages, operational human error and mismanagement was the cause—unsurprising, given the skills gap that has plagued the information security industry.

“As cloud-native business applications become the standard for business transformation and innovation, the need to incorporate security into the DevOps process is paramount,” said Jade Kahn, Chief Marketing Officer, AlgoSec. “However, cumbersome security processes and lack of visibility are slowing applications’ time-to-market and compromising security in this new paradigm. This research underscores the importance of identifying risk early in the DevOps process and aligning all stakeholders around risk and compliance gaps from the start.”


New state-of-the-art data centre features Vultr’s first AMD GPU supercompute cluster.
Only a quarter (25%) think their approach to the cloud is carefully considered and successful.
Moving to AWS Cloud will enable The Co-operative Bank to adopt cutting edge IT Infrastructure.
The global airline group will upgrade the value of its data and get its AI & generative AI ready...
IONOS, a leading European digitalisation partner for small and medium-sized businesses (SMBs) and...
Businesses in the UK are risking slower development as they fail to fully embrace technologies that...
Talent and training partner, mthree, which supports major global tech, banking, and business...
TMF Group, a leading provider of critical administrative services for global businesses, turned to...