Navigating Cloud-Native Security: A Comprehensive Look at Challenges and Solutions

Cloud technology has revolutionized the way businesses operate in recent years, allowing for greater flexibility and scalability in operations. However, along with the benefits come significant challenges, particularly in regards to cloud security. As more organizations migrate their operations to the cloud, the need for robust security measures continues to grow.

SUSE, a global technology company specializing in open-source software, has conducted a comprehensive survey on cloud security, analyzing trends and concerns prevalent among businesses. The survey was presented at the annual SUSECON conference in Munich, and it provides insight into the experiences and expectations of IT professionals worldwide.

The prevalence of cloud security incidents

The survey reveals that cloud security incidents are widespread, with 88% of those surveyed experiencing at least one incident in the last 12 months. The types of cloud security incidents vary, with data breaches and account hijacking being the most common.

Cloud security concerns

Not surprisingly, data stores hosted by cloud vendors or third parties were the top cloud security concern, with nearly a third of respondents citing this as their primary concern. This is particularly relevant given that nearly all businesses store sensitive information such as intellectual property and client data in the cloud.

Budget allocation for cloud-native security

The individuals surveyed spent about 36% of their IT budget on cloud-native security, highlighting the growing awareness of the importance of adequate investments in cloud security infrastructure. Some popular security solutions include: anti-virus software, firewalls, intrusion detection and prevention systems, virtual private networks (VPN), security information and event management (SIEM) systems, and encryption technologies. Both security automation and container firewall were widely adopted, each accounting for 38% of the respondents. Antivirus solutions were also commonly used, being at 32%.

Future concerns regarding source code auditability

One third of the respondents said that increased re-evaluation and prioritization of goals related to source-code auditability would become a concern in the coming years. This trend is evidenced by the increase in high-profile supply chain attacks that have highlighted the risks inherent in poor software development practices.

SUSE’s Recognition of Digital Transformation and Open Source Solutions

SUSE’s chief technology and product officer, Dr. Thomas Di Giacomo, said, “At SUSE, we recognize that every business is on a journey of digital transformation. This transformation can be vastly accelerated by open-source solutions.” The survey results emphasize the importance of investing properly in security solutions for businesses as they continue to rely more on cloud technology.

Source code auditability and SBOM depth/quality/security are priorities

45% of US respondents placed a higher priority on source-code auditability, while 36% focused on SBOM depth/quality/security to ensure businesses meet supply chain security goals. In contrast, Germany and the UK were less concerned about source-code auditing (with just 23% and 26% of respondents prioritizing it, respectively), and they spent less on cloud-native security.

Comparison of spending priorities between cloud-native security and source code auditing

The survey indicates that there is a correlation between a business’s investment in cloud-native security and their prioritization of source code auditability. US businesses, which spend the most on cloud-native security, also prioritize source code auditability more highly than businesses in the UK and Germany. This highlights the need for proper investments in both cloud-native security solutions and software development practices to ensure comprehensive security in the cloud.

Conclusion and announcement of survey result

In conclusion, the SUSE survey provides valuable insight into the current state of cloud security, as well as the concerns and investment priorities of businesses worldwide. As organizations continue to migrate operations to the cloud, it is clear that proper investments in cloud-native security solutions and software development practices to ensure source-code auditability will be essential in maintaining robust cloud security.

The survey results highlight that SUSE is well-positioned to support businesses that choose secure open-source solutions for their most mission-critical and innovative workloads as they transform with the cloud. SUSE’s commitment to open-source solutions aligns with the growing trend of businesses seeking more secure and customizable cloud technology.

Explore more

Ethereum Uses AI Swarms to Proactively Patch Network Flaws

The architectural integrity of global decentralized networks has reached a pivotal juncture where the speed of malicious exploitation often outpaces the traditional cadence of human-led security audits. To address this widening gap, The Ethereum Foundation has fundamentally transitioned its security strategy from a reactive model to an automated, proactive defense paradigm that leverages the power of machine learning. This shift

How Is ERP Modernization Driving DLA to Audit Readiness?

The Defense Logistics Agency currently manages an intricate global supply chain that serves as the backbone for the United States military, requiring an unprecedented level of financial precision and operational transparency to meet modern oversight requirements. This massive undertaking involves a transition from aging, siloed legacy systems to a unified Enterprise Resource Planning environment designed to provide real-time visibility into

What Makes Odyssey Infostealer a Global Threat to macOS?

The long-standing myth that macOS remains immune to sophisticated cyberattacks has been decisively shattered by the emergence of the Odyssey infostealer, a highly specialized malware variant engineered to bypass modern system integrity protections. This transition represents a fundamental shift in the threat landscape, where the historical security-by-obscurity advantage once enjoyed by Apple users has entirely vanished. As the adoption of

Can AI Secure Windows Without Compromising Stability?

The sheer scale of modern software development has reached a point where manual code review is no longer sufficient to protect the billions of devices running Windows across the globe. As lines of code multiply and interdependencies become more complex, traditional security measures are struggling to keep pace with the rapid evolution of sophisticated digital threats. In response to this

Xero Launches JAX to Redefine Accounting with Agentic AI

Small business owners have historically spent an exhausting amount of time tethered to spreadsheets and receipts, but the emergence of agentic AI is finally turning those static records into a living, breathing financial command center that operates with minimal human oversight. With more than five million global subscribers now integrated into its ecosystem, Xero is spearheading a movement toward Accountable