Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today published its 2023 State of Cloud-Native Security Report. The report surveyed 200 Australians to better understand their cloud adoption strategies and how they work.

With organisations of all sizes moving more of their operations to the cloud, a majority are struggling to automate cloud security and mitigate risks. It’s one reason why many companies are trying to improve security earlier in the development process, and looking for fewer vendors that can offer more security capabilities.

Cloud Use Has Grown, Along With Security Concerns – The expansion of hybrid work during the pandemic drove organisations to expand their use of clouds by more than 25% globally, with 89% of Australian businesses expanding their use of cloud by more than 30% in the past 12 months. As a result, DevOps teams are being pressed to deliver production code at warp speed — making application security more complex and putting pressure on security organisations to keep pace.

Most Organisations are Slow to Detect and Respond to Threats – 93% of organisations in Australia we surveyed said they could not detect, contain and resolve cyber threats within an hour. A majority reported a weak security posture and believe they need to improve their underlying activities — from gaining visibility into multiple clouds to applying more consistent governance across accounts to streamlining incident response and investigation.

Teams Don’t Understand Their Security Responsibilities – When asked about the challenges of moving to the cloud, respondents’ top concerns remained unchanged from our 2020 report: struggles with comprehensive security, compliance, and technical complexity. A large majority (75%) of organisations in Australia said they had distributed responsibility for cloud security to individual teams. Still, over half (52%) said a majority of their workforce does not understand their security responsibilities.

A Greater Need for Code-to-Cloud Security – As more applications are being built in the cloud using off-the-shelf software, there’s a risk that any vulnerability in the development process could compromise an entire application later on. That’s why more companies are encouraging a deeper level of engagement between application developers and security tools and teams — with 87% of Australian respondents saying they have embedded security professionals inside their DevOps teams.

“With three out of four organisations deploying new or updated code to production weekly, and almost 40% committing new code daily, no one can afford to overlook the security of cloud workloads,” said Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks. “As cloud adoption and expansion continue, organisations need to adopt a platform approach that secures applications from code to cloud across multi-cloud environments.”

Moving Towards Consolidation – Three-quarters of the leaders we surveyed say they struggle to identify which security tools are necessary to achieve their objectives. This has led many of them to implement numerous single-point solutions — with the average organisation using three to four tools dedicated to cloud security.

The sheer number of security tools makes it difficult for leaders to have in-depth visibility into their entire cloud portfolio. 80% of survey respondents reported that using multiple security tools creates blind spots that affect their ability to prioritise risk and prevent threats. And 84% said they would benefit from a centralised security solution that sits across all of their cloud accounts and services.

A Clear Path Forward – Despite the upheaval caused by the pandemic, organisations have mostly been able to succeed in their cloud expansions — and organisations that made cloud infrastructure a strategic focus across the business were generally more successful. This makes cloud security a clear enabler of business outcomes.

Of course, better security does not guarantee success. But having security under control — consolidating tools and vendors and using proven DevSecOps and security automation strategies — lets development teams do their jobs better, and gives organisations the tools they need to succeed.

About the Survey

This survey was administered online by Palo Alto Networks, and data was gathered from November 21, 2022, to December 14, 2022. Respondents were surveyed from across the globe, spanning the U.S., Australia, Germany, the UK, Singapore and Japan. Over half are from enterprise-sized organisations (over $1B in annual revenue), and respondents were gathered from both ends of the organisational spectrum between executive leadership and more practitioner-level roles in order to understand sentiments broadly across companies.

Additional Resources

• Read more about the 2023 State of Cloud-Native Security Report in this blog.
• Watch the State of Cloud-Native Security Report Webinar on demand.
• Find out more about Prisma Cloud here.
• Follow Palo Alto Networks on Twitter, LinkedIn, Facebook and Instagram.

About Palo Alto Networks

Palo Alto Networks is the world’s cybersecurity leader. We innovate to outpace cyberthreats, so organisations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we’re committed to helping ensure each day is safer than the one before. It’s what makes us the cybersecurity partner of choice.

At Palo Alto Networks, we’re committed to bringing together the very best people in service of our mission, so we’re also proud to be the cybersecurity workplace of choice, recognized among Newsweek’s Most Loved Workplaces (2021 and 2022), Comparably Best Companies for Diversity (2021), and HRC Best Places for LGBTQ Equality (2022). For more information, visit www.paloaltonetworks.com.

Palo Alto Networks, Prisma, and the Palo Alto Networks logo are registered trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners. Any unreleased services or features (and any services or features not generally available to customers) referenced in this or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently generally available.