The State of Cloud & SaaS Security Report

The rapid adoption of cloud services and containerized applications has progressed unabated, fueled by enterprises looking to drive innovation, enhance agility, and reduce costs. This seismic shift in IT hasn’t been without its challenges, however, particularly when it comes to keeping businesses and their digital assets safe from loss, theft, or compromise.

As most organizations discover early on in their cloud and SaaS transformation journeys, traditional defenses geared toward on-premises environments can quickly be overwhelmed by cloud- and SaaS-centric challenges, such as a lack of visibility, unique identity and access management requirements, critical configuration management issues, sophisticated threats, and the need for additional targeted security resources to deal with all of the above.

New research commissioned by Qualys and conducted by Dark Reading shines new light on the various ways information security professionals are coping — or struggling — with the difficulties and nuances of safeguarding cloud and SaaS assets, including measuring, communicating, and eliminating cyber risk in the cloud. The data shows in stark relief the real-world challenges defenders face when it comes to shoehorning traditional security practices and methods — things like managing configs and vulnerabilities, controlling access, and corralling siloed security tools — into the defenses of dynamic multi-cloud and multi-SaaS environments.