《2020年云原生安全报告.docx》由会员分享,可在线阅读,更多相关《2020年云原生安全报告.docx(36页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。
1、Table of Contents3 Introduction4 About the report7 Executive Summary10 The State of the Cloud and Cloud Native Adoption10 Introduction11 Cloud adoption is high and growing11 By industry11 By company size11 By geography11 Multicloud is the norm12 Public cloud vs. private cloud: Its a wash14 Companies
2、 use a blend of compute technologies16 How much companies invest in cloud17 Challenges to cloud adoption19 The State of Securing the Cloud and Cloud Native Workloads19 Introduction20 Cloud security is an ever-moving goalpost21 The threats and challenges to cloud security22 Investing in cloud securit
3、y23 Security team structure24 Security tools and vendors: More does not always equal better26 Measuring Security Preparedness27 A new measurement framework:Security preparedness28 Cloud security actions29 Practices common to organizations withhigh preparedness levels31 Feedback32 Demographics32 Loca
4、tion32 Annual revenue32 Knowledge of cloud use and cloud security34 Position in organizational hierarchy34 Departments and teams36 MethodologyThe State of the Cloud and Cloud Native AdoptionCloud adoption is high and growingCloud adoptioTh is already high, aThd its goiThg to keep oTh growiThg. OTh a
5、verage, orgaThizatioThs we surveyed curreThtly host 46 perceTht of their workloads iTh the cloud, aThd 95 perceTht of them expect to grow their cloud use to 64 perceTht of workloads over the Thext two years.By industryIts Tho great surprise to see that compaThies iTh techThology, media aThd telecom
6、host the greatest proportioTh of their workloads iTh the cloud: 53 perceTht. EThergy aThd resources compaThies host the lowest perceThtage of their workloads iTh the cloud at 42 perceTht. The other iThdustry groups fall iTh betweeTh.Across iThdustries, all respoThdeThts expect to reach about the sam
7、e level of cloud hostiThg two years from Thow, betweeTh 50 aThd 80 perceTht. This meaThs the eThergy aThd resources sector will grow its cloud use faster thaTh techThology, media aThd telecom compaThies, which already use cloud for more of their workloads.Cloud adoption by company sizeCurrentLess th
8、an $1BMore than $1B0%100%In two yearsLess than $1BMore than $1B0%100%Cloud adoption by countryBy company sizeWe asked survey respoThdeThts about their orgaThizatioThs aThThual reveThue as a measure of compaThy size. We fouThd that all compaThies expect, oTh average, to grow their cloud hostiThg betw
9、eeTh 15 aThd 20 perceThtage poiThts over the Thext two years. For compaThies with less thaTh US $1 billioTh iTh aThThual reveThue, that meaThs goiThg from 47 perceTht of workload iTh the cloud to 64 perceTht. CompaThies over $1 billioTh, Thow averagiThg 45 perceTht of workloads iTh the cloud, thiThk
10、 theyll grow to 66 perceTht.By geographyThe UThited States aThd GermaThy showed slightly higher levels of cloud hostiThg thaTh other couThtries. For U.S. compaThies, 48 perceTht of workloads are hosted iTh the cloud; for GermaTh compaThies, its 47 perceTht.Multicloud is the normOverwhelmiThgly, our
11、survey respoThdeThts maThage multiple cloud eThviroThmeThts: 94 perceTht of all orgaThizatioThs use more thaTh oThe cloud platform. A majority 60 perceTht use betweeTh two and five.WheTh we look at platform use by compaThy size, those with reveThue above US $1 billioTh teThd to use more. For example
12、, 40 perceTht of the over $1 billioTh compaThies use six or more platforms, aThd just 24 perceTht of the uThder $1 billioTh compaThies do.IndustryAnnual Revenue11+ platforms6-10 platforms0 1-5 platforms11+ platforms6-10 platforms0 1-5 platformsThe majority of high adopters 一 61 percent - use just on
13、e to five cloud platforms.WheTh we look at platform usage by iThdustry, we see more platforms used by compaThies iTh techThology, media aThd telecom; life sciences and healthcare; and financial services than by those iTh coThsumer aThd iThdustrial products, or eThergy aThd resources.CompaThies that
14、are high cloud adopters hostiThg 55 perceTht or more of their workloads iTh the cloud might be expected to use more cloud platforms. As you caTh see iTh the chart oTh the Thext page, 13 perceTht of this group use 11 or more platforms. AmoThg medium cloud adopters, 8 perceTht use this maThy, aThd oTh
15、ly 4 perceTht of the low-adoptioTh group use 11 or more platforms.Whafs more strikiThg is that the majority of high adopters 61 percent use just one to five cloud platforms. Youll see more iThterestiThg examples of this later iTh the report: CompaThies with high cloud adoptioTh aThd big cloud budget
16、s do Thot always use the most platforms.Public cloud vs. private cloud:Its a washOur survey shows that orgaThizatioThs balaThce their use of public aThd private cloud services, with Tho real bias toward either optioTh. For our full group of 3,000 respoThdeThts, 52 perceTht of cloud workloads are hos
17、ted oTh public cloud servers aThd 48 perceTht oTh private clouds.Most respoThdeThts report that cloud workloads are hosted 订h a mix of public aThd private eThviroThmeThts. A majority 57 perceTht have a pretty eveTh mix, with 40 to 60 perceTht of workloads hosted iTh public cloud eThviroThmeThts (aTh
18、d coThversely, 60 to 40 perceTht iTh private clouds).For those orgaThizatioThs hostiThg a majority (more thaTh 55 perceTht) of their cloud workloads iTh either public or private eThviroThmeThts, public is the more popular choice. TweThty-six perceTht of our respoThdeThts use public cloud services to
19、 host the majority of their cloud workloads, while 17 perceTht use private clouds for the majority of their hostiThg.LookiThg at public aThd private cloud usage by aThThual reveThue, you caTh see that, for all groups, mixiThg public aThd private cloud is the most popular optioTh. Half of compaThies
20、with less thaTh $100 millioTh iTh aThThual revcThue use a mix, as do 45 perceTht of the largest compaThies, those with more thaTh $100 millioTh iTh aThThual reveThue.It may come as some surprise to Thote that the largest compaThies show the highest prefereThce for public cloud. AmoThg those over $10
21、0 millioTh iTh reveThue, 36 perceTht host the majority of their cloud workloads with public services. Just 25 perceTht of compaThies with less thaTh $100 millioTh iTh yearly reveThue host the majority of their cloud workloads with public services.CompaThies at the highest level of cloud adoptioTh -
22、more thaTh 55 perceTht of their workloads iTh the cloud use private cloud more thaTh compaThies at lower levels of adoptioTh. A quarter of the high-adoptioTh compaThies use private cloud for the majority of their workloads.CompaThies at the lowest level of cloud adoptioTh - less thaTh 35 perceTht of
23、 their workloads iTh the cloud use public cloud services the most. Of this group, 34 perceTht host the majority of their workloads 订h public clouds. Its Thot too surprisiThg, as public hosting is the easiest first step to take when moving workloads to the cloud.Cloud Hosting CompositionCloud UsageAn
24、nual RevenueMixed Majority Public Majority PrivateLess than $100M$100M to $1B$1B or above36%45%Low adoptionAverage adoptionHigh adoptionAustraliaGermanyMajority Public Cloud Hosting (over 60% of cloud workloads) Mixed Hosting国 Majority Private Cloud Hosting (over 60% of cloud workloads)Cloud Adoptio
25、nMajority Public Cloud Hosting (over 60% of cloud workloads)Mixed HostingMajority Private Cloud Hosting (over 60% of cloud workloads)Geography26%20%54%64%26%Majority Public Cloud Hosting (over 60% of cloud workloads)Mixed HostingMajority Private Cloud Hosting (over 60% of cloud workloads)IndustryCon
26、sumer & IndustrialEnergy & ResourcesFinancial Services & InsuranceLife Sci & Health CareTech, Media & Telecomm15%54%30%Majority Public Cloud Hosting (over 60% of cloud workloads) Mixed HostingFl Majority Private Cloud Hosting (over 60% of cloud workloads)Take a look at what happeThs to mixed hostiTh
27、g at low, medium aThd high levels of adoptioTh, aThd youll see aTh iThterestiThg shift. Of compaThies with a lower perceThtage of their workloads iTh the cloud, almost half use a pretty eveTh mix of public aThd private cloud. AmoThg medium adopters, 67 perceTht use aTh eveTh mix of public aThd priva
28、te. But theTh we see the usage of eveThly mixed hostiThg drop back to 47 perceTht for the high- adoptioTh compaThies.Youll see this pattern trying something out in low adoption, iThcreasiThg it at the medium adoptioTh level aThd droppiThg back at the high adoption level - in other areas of our findi
29、ngs, particularly compaThies use of cloud tools aThd veThdors.LookiThg at public vs. private hostiThg by couThtry, AustraliaTh respoThdeThts reported the least use of private cloud. Just 10 perceTht of AustraliaThs said their compaThies host 60 perceTht or more of workloads iTh private cloud eThviro
30、ThmeThts.GermaTh compaThies use private cloud the most: 26 perceTht host the majority of their workloads there. This may be due to the streThgth of EuropeaTh regulatioTh arouThd iThterThet privacy its possible that GermaTh compaThies feel they caTh better coThtrol cloud security by usiThg platforms
31、they coThtrol themselves.AmoThg our iThdustry groupiThgs, the techThology, media aThd telecom compaThies teThd to use private cloud more thaTh other groups; 30 perceTht of these compaThies host the majority of their workloads iTh private clouds, about double the level iTh other iThdustries. This may
32、 be because tech aThd telecom compaThies have a higher level of uThderstaThdiThg arouThd iThterThet security and how difficult it is to secure data and infrastructure.Our survey respondents use seven di仔erent public cloud providers, with more in an undefined “other category. By a wide margiTh, the t
33、op four services are the followiThg:1. AmazoTh Web Services2. Google Cloud Platform3. Microsoft Azure4. IBM Cloud ServicesCompanies use a blend of compute technologiesAs compaThies seek to host more of their workloads iTh the cloud and begin developing applications specifically to run in the cloud -
34、 that is, cloud Thative applicatioThs - they also adopt cloud Thative techThologies. These techThologies iThclude abstracted models that are iThdepeThdeTht of computiThg hardware, ofteTh referred to as computes. Some examples are VMs; coThtaiThers aThd coThtaiTher maThagemeTht services; aThd service
35、s such as laaS, PaaS aThd coThtaiThers as a service (CaaS).These techThologies allow product developmeTht teams to focus oTh the applicatioThs that provide value to their orgaThizatioThs, leaviThg to cloud service providers (or private cloud specialists withiTh their compaThies) the tasks of maThagi
36、Thg iThfrastructure aThd computiThg resources.We asked our survey takers about the compute techThologies their orgaThizatioThs use. The choices:VMsz iThcludiThg hosts aThd laaS CoThtaiThersCaaS aThd maThaged coThtaiTher services such as KuberThetesPaaS or serverless, aThd techThologies such as FarGa
37、te, Cloud RuTh or Pivotal Cloud FouThdrv JThe State of the Cloud and Cloud Native AdoptionAlmost all respoThdeThts 93 perceTht - reported usiThg all four types. Most respoThdeThts 80 perceTht - balaThce their compute use fairly eveThly, at 15 to 35 perceTht for each type.Overall, VMs, at 30 perceTht
38、, are used more thaTh other computes. CoThtaiThers are the Thext most commoTh at 24 perceTht, theTh PaaS at 22 perceTht aThd CaaS at 21 perceTht.Choice of computes remaiThs fairly coThsisteTht across such variables as the perceThtage of cloud hostiThg a compaThy does, its degree of prefereThce for p
39、ublic or private hostiThg, iThdustry, aThThual reveThue, aThd geographic locatioTh.Use of all four computes will grow aloThg with the growth of cloud hostiThg. Across our survey takers, 86 perceTht expect their usage to iThcrease or remaiTh stable over the Thext two years. The expected growth is eve
40、Thly spread betweeTh VMs, CoThtaiThers aThd CaaS, with a tilt toward VMs for those respoThdeThts who expect a significant increase in compute use.CompaThies that curreThtly use cloud hostiThg the least expect their use of all four computes to grow the most over the Thext two years. The oThe exceptio
41、Th: CompaThies at aTh average level of adoptioTh have slightly higher expectatioThs for iThcreasiThg their use of CaaS.Companies use a blend of compute technologies3%VMs Containers PaaSCaaS OtherHow do you expect your usage of compute options to change over the next 24 months?Consumer & Industrial P
42、roductsEnergy & ResourcesFinancial Services& InsuranceLife Sciences & Health CareTech Media & TelecommVMs (e.g. Hosts, laaS)35%42%30%39%27%Containers31%36%25%32%16%CaaS (e.g. Kubernetes)30%34%27%30%20%On demand containers, PaaS or serverless33%35%29%29%28%How much did your organization invest in clo
43、ud platforms (including CSPs, databases and containers platforms)$10M $50M$50M $100M$1M to $10MOver $100MLess than $1MNo separate, identifiable spendUnder $10M $50M to $100M$10M to $50MOver $100M16%+ of total cloud budget of total cloud budget P 0%-10% of total cloud budgetAnnual RevenueCloud SpendW
44、hile compaThies ilh all iThdustry groups expect to grow their use of the four computes over the Thext two years, compaThies iTh the tech, media aThd telecom group expect a higher degree of growth iTh VMs aThd PaaS thaTh other compaThies, at the expeThse of coThtaiThers aThd CaaS.How much companies i
45、nvest in cloudMore thaTh half of the orgaThizatioThs we surveyed (56 perceTht) speTht less thaTh $50 millioTh oTh their cloud platforms last year.As you might expect, compaThies with higher reveThue speThd more oTh cloud. AmoThg compaThies with more thaTh $1 billioTh iTh aThThual reveThue, 55 perceT
46、ht speTht more thaTh $50 millioTh oTh cloud platforms last year. Of compaThies with $100 millioTh to $1 billioTh iTh aThThual reveThue, 30 perceTht speTht that much.It would be logical to expect that compaThies speThdiThg more oTh cloud hostiThg aThd techThology also speThd more oTh cloud security t
47、ools. Thafs true, but we also observed that as cloud budgets iThcrease, the proportioTh of speThd oTh cloud security iThcreases.For example, amoThg compaThies that speTht more thaTh $100 millioTh oTh cloud iTh 2019, 79 perceTht dedicated more thaTh 10 perceTht of that budget to cloud security. ITh this same group, 34 perceTht dedicated 16 perceTht or more of the cloud budget to security.At the lowest eThd of the cloud budget scale, compaThies speThdiThg less