A Palo Alto study shows that companies use an average of sixteen different cloud security solutions, spread across fourteen vendors. Although companies want to reduce the number of solutions, it is actually increasing.

Palo Alto surveyed 2,800 IT professionals worldwide about their cloud security policies for its annual Cloud Native Security Report. Securing the cloud turns out to be a very complex matter: On average, companies use sixteen different solutions. There is also fragmentation among vendors: on average, these sixteen solutions come from fourteen different vendors.

This fragmentation leads to paradoxical situations. Not surprisingly, 98 percent of respondents say they would like to reduce the number of security tools. Yet Palo Alto sees a 60 percent increase in the average number of cloud security solutions compared to 2023.

Tensions between IT and security

The report also looks at the relationship between DevOps (IT) and SecOps (security). Despite increasing cyber threats, the two camps appear to be growing further apart. 83 percent of IT professionals find security measures a burden and 79 percent say employees sometimes ignore or circumvent security rules. This is consistent with previous findings from Trend Micro, which found that IT security teams are rarely heard in the boardroom.

According to researchers at Palo Alto Networks, much of this can be traced back to the way companies practice DevOps. Security often results in countless tickets that end up with developers. The tickets continue to pile up, putting pressure on deadlines or even missing them. The study shows that almost half of IT professionals (48%) are very often faced with delays in software releases.

Of course, this causes dissatisfaction: seven out of ten IT specialists say they are stressed. The biggest source of stress seems to be the conflict between DevOps and SecOps. Additionally, almost all respondents (92%) say conflicting priorities hinder productivity. Seven in ten claim rushed implementations have introduced vulnerabilities into their systems.

AI code: a threat to the cloud?

AI-written code can also increase the excitement. A remarkable 100 percent of IT professionals surveyed say they use artificial tools to write code. However, 44 percent fear security risks associated with code written with or through AI, while 38 percent see AI-driven attacks as one of the biggest threats to the cloud.

According to Palo Alto Networks, the solution to these tensions lies in an end-to-end DevSecOps culture in which security is integrated from start to finish and is the responsibility of everyone in the company.