Why cloud security is the top IT budget priority for 2019

Research from Threat Stack found that 54% of companies are worried about outgrowing their current security solutions.

Business leaders must change their security posture to remain safe in the cloud

More than half of companies (54%) share the fear that they may soon outgrow their current security solutions, according to a new report from Threat Stack. In a Thursday press release, the company explained that shifts in corporate infrastructure will lead most of those companies surveyed to prioritize cloud workload security and intrusion detection systems (IDS) in their 2019 budgets.

So, why cloud security? Only 41% of respondent infrastructure remain on-premises, the release said. Businesses are increasingly migrating to alternate infrastructure options like IaaS (25%), PaaS (17%), and containers (10%).

Over the next two years, budgets overall are expected to increase about 19%, the release said. In addition to security, many companies leaders are also prioritizing DevOps investments as a way to stay on top of changing infrastructure trends.

SEE: Cloud migration decision tool (Tech Pro Research)

DevSecOps, a security-focused approach to DevOps, is often listed as a goal in most firms, but isn't implemented properly. In fact, 91% said they believed development teams were introducing new risk to the organization due to their required access for the following three things:

  1. Sensitive corporate information (45%)
  2. Personally identifiable information (40%)
  3. Root-level permissions (34%)

According to the release, some 29% of those surveyed said they believe their organization places priority on code that simply works over code that is secure. However, security teams have their own challenges with 63% saying they believe they slow down the business, but nearly three-quarters saying they're expected to match pace with the DevOps teams.

There is a misalignment in what is happening across security and the development and operations teams, the release said; and how the companies are approaching this now isn't working. Some 52% said their current security strategy isn't setting them up for future growth.

While budgets are expected to increase, 90% of respondents said they're facing challenges with allocation. It's hard to find solutions that are affordable and scalable, properly evaluate vendors, and match the strategy of their department budget with that of the company overall.

The big takeaways for tech leaders:

  • 54% of companies are worried that they might outgrow their current security solutions, putting them at greater risk. -- Threat Stack, 2018
  • 91% of company leaders believe that development teams are introducing new risks to their organization. -- Threat Stack, 2018

Also see

Image: iStockphoto/merznatalia