According to a cloud native security report by Venafi, 87% of security and IT leaders have started moving legacy applications to the cloud. However, more than half of those leaders (59%) did not understand the associated security risks.
Fifty-nine percent of respondents admit to having experienced security-related issues within Kubernetes or container environments. For 33% of respondents, security issues delayed an application launch, while 32% experienced disruption to application services.
Eighty-five percent of security teams report setting the strategy for managing security risk and governance across cloud native environments. However, the actual implementation of security tools, governance and policies is split among development, security and platform teams, with a slight majority going to the development teams (41%).
What’s more, 74% of respondents worry that developers are challenged with several conflicting priorities, so security is not always top of mind. Finally, 90% believe security teams need to increase their understanding of cloud native environments to ensure applications are secure.
Seventy percent of security and IT leaders believe that software supply chain attacks are their biggest security blind spot. Additionally, 85% believe that continuous security validation to the CI/CD pipeline is vital to reducing the risk of vulnerabilities going undetected during the software development lifecycle. Eighty-eight percent believe that machine identity management is essential to the success of zero trust models.
Read the full report here.