Ermetic, the cloud infrastructure security company, today released the findings of a research study conducted by Osterman Research on the cloud security maturity level of organizations in North America. The survey found that 84% of respondents were at an entry level (one or two) in terms of their cloud security capabilities and only 16% ranked at the top two levels. Meanwhile, 80% of companies reported they lack a dedicated security team responsible for protecting cloud resources from threats. The survey also revealed the top five priorities that all highly mature companies have in common when it comes to cloud security.
Osterman Research surveyed 326 organizations in North America with 500 or more employees and who spend a minimum of $1 million or more each year on cloud infrastructure to establish an industry baseline against the Ermetic Cloud Security Model. The model was designed to provide organizations with a lightweight framework for determining their maturity level (1 - Ad Hoc, 2- Opportunistic, 3- Repeatable, 4- Automated & Integrated) across multiple domains, while allowing them to develop a specific, actionable roadmap for advancing their capabilities.
"One of the most unexpected findings that emerged from this study was the lack of cloud security maturity among the largest enterprises surveyed," said Michael Sampson, senior analyst for Osterman Research and author of the report. "Less than 10% of companies with more than 10,000 employees reported being at the top two maturity levels, while nearly 20% of smaller enterprises have achieved repeatable or automated & integrated cloud security capabilities."
Other Report Highlights
"This survey makes two things very clear. Without the right tools, spending lots of time and resources on cloud security will not necessarily make you more secure," said Shai Morag, CEO of Ermetic. "And, by focusing on the right priorities you can achieve a very high level of security maturity regardless of your organization's size."
Five Habits of Highly Mature Companies
Organizations that reported focusing on the five following security priorities achieved the highest levels (3 or 4) of maturity:
Resources
A full copy of the survey findings is available here:
https://l.ermetic.com/wp-cloud-maturity-model-survey-results?utm_campaign=Osterman%20Survey%202022&utm_source=Press%20release
Organizations that want to benchmark themselves against the Ermetic Cloud Security Maturity Model and their peers can access a free online self-assessment here:
https://ermetic.com/maturity-model/cloud-security-maturity-assessment/?utm_campaign=Osterman%20Survey%202022&utm_source=Press%20release
Finally, Ermetic will host a Webinar to discuss the report's findings and the Ermetic Cloud Security Maturity Model on Wednesday, August 17, 2022, at 10:00 AM PT / 1:00 PM ET. The report's author, Michael Sampson of Osterman Research, and the creator of the maturity model, Lior Zatlavi, Sr. Cloud Security Architect at Ermetic, will present. To register visit:
https://l.ermetic.com/webinar-cloud-security-maturity-survey?utm_source=Press_release&utm_campaign=Osterman_Survey
About Ermetic
Ermetic helps prevent breaches by reducing the attack surface of cloud infrastructure and enforcing least privilege at scale in the most complex environments. The Ermetic SaaS platform provides comprehensive cloud security for AWS, Azure and GCP that spans both cloud infrastructure entitlements management (CIEM) and cloud security posture management (CSPM). The company is led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Forgepoint, Glilot Capital Partners, Norwest Venture Partners, Qumra and Target Global. Visit us at https://ermetic.com/ and follow us on LinkedIn, Twitter and Facebook.
These press releases may also interest you
|