Cloud App Development

Uneven Adoption of Emerging Tech Found in a New Cloud Security Alliance Survey

Cloud Security Alliance (CSA), the world's largest organization dedicated to creating standards, certifications, and best practices that ensure a secure cloud computing environment, revealed the results of its most recent poll, Cloud Security and Technology Maturity, today. The poll, which was commissioned by CyberRes, a microfocus line of business and one of the world's top corporate software vendors, provides insight into enterprises' current and future intentions for cloud strategy, security, cloud services, and cloud-related technology.

"Cloud is a continuously evolving space with new services, strategies, and technologies springing up seemingly overnight. It's imperative, therefore, that organizations regularly change and adapt their approach to cloud and cloud security. While many of the survey's findings were in line with what we would expect, it was surprising that some technologies that have garnered the most hype are not, in fact, what organizations are planning to implement,"


Hillary Baron, lead author, and research analyst, Cloud Security Alliance

Despite introducing the General Data Protection Regulation (GDPR) in 2018, privacy-by-design is still in its early stage of development. With two-thirds of organizations (65%) either developing or planning to develop strategies, only 8% of respondents indicated that they have a fully implemented privacy-by-design strategy. Similarly, the survey also found that while blockchain and distributed ledger technology have been hyped for years, implementation rates have stagnated, owing to high failure rates caused by a lack of technical understanding combined with a high demand for resources.

Quantum-safe security and 5G aren't widely used yet, and additional research is required to determine the root causes and forecast a more reliable adoption timeframe.

"The growing popularity of artificial intelligence, machine learning, and Zero Trust, for instance, was definitely in keeping with what we have been hearing anecdotally across the industry, but there were also some surprises in what companies aren't using. While multi-cloud adoption is strongly favored, many organizations are facing challenges in taking deployments to a next level," said Satya Divadari, Head of Enterprise Security Architecture, CyberRes, a Micro Focus line of business.

Spotlight

Spotlight

Related News

Cloud App Management

HPE's GreenLake Breaks the $1 Billion Revenue Mark to Expand its Cloud

Hewlett Packard Enterprise | October 09, 2023

HPE's GreenLake revenue tops $1 billion and offers flexible payment models. GreenLake adds cloud-based backup and recovery as software-as-a-service. HPE launches AI-driven GreenLake for large language models and eyes the Asia-Pacific market. Hewlett-Packard Enterprise (HPE) has refined its GreenLake strategy, which was launched in 2017 as a response to the growing demand for IT consumption as a service. GreenLake's annual recurring revenue has now surpassed $1 billion, reflecting the popularity of the pay-as-you-go model for cost control and IT agility. However, in light of higher interest rates and economic uncertainty, organizations are showing decreased interest in pay-as-you-go approaches. As a result, HPE has introduced flexibility by offering GreenLake options through both capital expenditure (capex) and operating expenditure (opex) models, allowing customers to choose how they pay for their infrastructure. HPE has also expanded its GreenLake offerings in the software domain, providing software-as-a-service (SaaS) solutions, such as backup and disaster recovery, without requiring hardware investments. The platform supports backup and replication of workloads between cloud providers like AWS and Azure without the need for on-premises hardware. Joseph Yang, Managing Director of HPE, Singapore region, reportedly remarked, If you look at the architecture of HPE hardware, it’s becoming more and more like a modern smartphone, which is managed through the cloud, while your data and applications run on your premises. That’s what GreenLake is evolving into. [Source – Computer Weekly] The company is streamlining the management of hybrid infrastructures through GreenLake's infrastructure-as-a-service (IaaS) management platform. This platform can manage various HPE hardware, including networking equipment, servers, and storage, through the cloud, simplifying tasks like OS provisioning and firmware updates. Regarding data protection, HPE is focusing on helping customers manage their data lifecycles, whether stored on-premises or in the public cloud, through a centralized platform. HPE has also heavily invested in artificial intelligence (AI) solutions. They offer comprehensive AI solutions that cover the entire AI lifecycle, including machine learning data management software. In June 2023, HPE entered the AI cloud market with GreenLake for large language models (LLMs), allowing enterprises to privately train and deploy large-scale AI using supercomputers. Regarding the availability of this service in the Asia-Pacific region, Yang mentioned that market demand and factors like access to renewable energy need to be considered, especially in datacenter hubs like Singapore, where renewable energy sources are limited. Yang emphasized that addressing challenges like renewable energy sources and cooling methods is essential to supporting AI workloads effectively in the region.

Read More

Cloud Deployment Models

Red Hat OpenShift Now on Oracle Cloud: Growing Enterprise Options

Red Hat | September 22, 2023

Red Hat and Oracle expand their partnership, allowing Red Hat OpenShift to run on Oracle Cloud Infrastructure and providing more deployment options for enterprises. OCI's distributed cloud, offering high performance and security, now supports Red Hat OpenShift with certified configurations for virtual machines and bare metal instances. Customers gain flexibility in choosing deployment locations, while the partnership builds upon Red Hat Enterprise Linux support for OCI, enabling customized Linux images for various workloads. Red Hat and Oracle have announced an expansion of their partnership to offer customers more options for deploying applications on Oracle Cloud Infrastructure (OCI). Red Hat OpenShift, a well-known Kubernetes-powered hybrid cloud application platform, will receive support and certification to run on OCI as part of this collaboration. This move aims to provide enterprises with the flexibility to run their workloads on OCI's distributed cloud, known for its high performance, security, and cost-effectiveness. Customers will have the confidence to deploy Red Hat OpenShift on OCI using certified configurations, whether on virtual machines or bare metal instances. Additionally, this partnership allows for seamless migration of on-premises Red Hat OpenShift environments to OCI, with joint support from both Red Hat and Oracle. Karan Batta, Senior Vice President, Oracle Cloud Infrastructure, reportedly stated, Enterprises are migrating to Oracle Cloud Infrastructure to take advantage of the platform’s highly performant, secure, and low-cost services. Fully certifying and supporting Red Hat OpenShift on Oracle Cloud Infrastructure will enable Red Hat OpenShift customers to simply and easily run their workloads anywhere in the world on OCI’s distributed cloud. [Source – Webwire] OCI's distributed cloud spans more than 100 services across 45 public cloud regions, including specialized regions for government and dedicated regions at customer-controlled sites. This variety of offerings enables customers to choose the location that best suits their needs in terms of regulatory compliance, performance, and cost-effectiveness. Furthermore, the certification and support for Red Hat OpenShift on OCI build upon the availability of Red Hat Enterprise Linux on OCI, including support for OCI bare metal servers and Oracle VMware Cloud Solution. This expanded compatibility empowers customers to create customized Red Hat Enterprise Linux images for OCI to meet various application workloads and security compliance requirements. While the partnership between Red Hat and Oracle to enable Red Hat OpenShift on Oracle Cloud Infrastructure (OCI) offers significant advantages, there are some potential drawbacks to consider. One concern may be the complexity of migrating existing on-premises Red Hat OpenShift environments to OCI, despite the joint support provided by both companies. This process could entail challenges related to data transfer, application compatibility, and reconfiguration. Additionally, as with any cloud deployment, organizations need to carefully manage their costs, as cloud services can accumulate expenses over time. Proper planning and cost monitoring are essential to ensuring that the benefits of this technology expansion are maximized while keeping expenses in check. The collaboration between Red Hat and Oracle to bring Red Hat OpenShift to Oracle Cloud Infrastructure (OCI) offers numerous benefits for enterprises. Firstly, it provides organizations with a wider range of deployment options, allowing them to leverage the power of Red Hat OpenShift on OCI's distributed cloud infrastructure. This infrastructure is known for its high performance, robust security measures, and cost-effectiveness, making it an attractive choice for enterprises. Furthermore, the support for certified configurations on both virtual machines and bare metal instances enhances the flexibility and scalability of deployments. Last but not least, the ability to seamlessly migrate on-premises Red Hat OpenShift environments to OCI simplifies cloud adoption and guarantees operational continuity thanks to the combined support of Red Hat and Oracle. Overall, this technology collaboration empowers enterprises to optimize their cloud strategies and drive innovation in their application deployments. In summary, Red Hat and Oracle's collaboration facilitates greater choice and flexibility for enterprises looking to deploy applications on Oracle Cloud Infrastructure, with Red Hat OpenShift now being a certified and supported option for OCI users.

Read More

Cloud Security

Palo Alto Networks Revolutionizes Cloud Security With Industry-First Integrated Code to Cloud Intelligence

PR Newswire | October 23, 2023

In the last decade, organizations have begun building and deploying cloud applications at an unprecedented pace, and there's no sign of slowing down. According to Gartner, 65% of application workloads will be optimized or ready for cloud delivery by 2027 — up from 45% in 2022. Palo Alto Networks (NASDAQ: PANW) today reimagined how enterprises approach cloud security with the industry's first integrated Code to Cloud intelligence introduced as part of the Prisma® Cloud Darwin release. Today marks a "Darwin moment" for cloud security as Prisma Cloud pushes organizations to evolve beyond single point solutions and adopt a holistic approach that provides a single source of truth. While the cloud offers exceptional agility and efficiency, it introduces major security risks that have become increasingly widespread — 80% of security exposures are found in cloud environments, according to the company's Unit 42 Threat Intelligence team, which can result in large-scale breaches. These rising cloud attacks and the velocity of cloud application development are outpacing the speed at which security teams can protect their organizations. Current approaches for code-to-cloud security are siloed, with the average organization relying on six to ten tools for securing cloud infrastructure alone. Having disparate security tools leads to an incomplete security posture and creates a massive operational burden for security teams. With its new Code to Cloud intelligence, Prisma Cloud — the industry's most complete cloud-native application protection platform (CNAPP) — offers a single trusted place that connects insights from the developer environment through application runtime for security teams to contextualize alerts and pinpoint remediations. This intelligence effectively prevents risk and stops breaches while enhancing the end-user experience and improving developer and security team collaboration. "The only way to secure applications from code to cloud is by fending off risk from entering the development pipeline and preventing breaches of applications in production. This can only be achieved through an intelligent CNAPP platform like Prisma Cloud that gathers intelligence throughout the application lifecycle so security teams can precisely trace vulnerabilities and misconfigurations back to their origin in the source code. Prisma Cloud's Darwin release simplifies cloud security and improves productivity and collaboration across code, infrastructure, and runtime security." Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks In many organizations, the ratio of developers to security professionals can be 100 to 1, resulting in understaffed teams. The current approach of working in silos does not guarantee comprehensive code to cloud security. This gap will widen as developers increasingly use AI to write and deploy code more quickly. Prisma Cloud, now with Code to Cloud intelligence, fosters collaboration between developers and security professionals by linking production security issues to specific remediation recommendations in code. Melinda Marks, practice director, Enterprise Security Group, said: "Today's reality is we face a cybersecurity skills shortage, especially in cloud security, while organizations are increasingly leveraging cloud services for faster application development to best serve customers and drive business results. At the same time, we have a rapidly evolving threat landscape increasingly targeting cloud workloads. So, it's crucial to invest in an effective security solution that supports increased development productivity from code to cloud to enable security teams to optimize security risk mitigation and protect their applications to enable business growth." Chris Bogaards, vice president of IT security, Global Atlantic Financial Group, said: "Our greatest challenge before Prisma Cloud was gaining clear visibility into what was occurring in our cloud applications and what security alerts to prioritize. Our developers freely create applications with a myriad of tools not knowing what risks they're introducing into the organization. With Prisma Cloud, we now have a simple, yet comprehensive view across our entire application portfolio to understand what vulnerabilities we have, which ones to prioritize and how to fix them." Watch Global Atlantic Financial Group's customer testimonial.

Read More