Intelligent CISO Issue 50 | Page 55

Research finds 78 % of CISOs believe OSS provides them with access to the best cloud security

Perspectives on cloud-native security
The survey also evaluated CISO perspectives on risks and security approaches for software security and cloud-native environments . According to the report , 87 % of the respondents agree that securing the full application lifecycle – including infrastructure , application code and workloads – is critical and 84 % agree that automated security checks across the software supply chain can actually accelerate software delivery .
New CISO research from Aqua Security reveals perceptions on cloud-native security and substantial progress in understanding benefits of open-source in security .
qua Security has issued new

A research that shows that nearly 70 % of Chief Information Security Officers ( CISOs ) believe opensource security solutions provide a faster way to secure their environments .

Likewise , 78 % of CISOs believe opensource solutions provide them with access to the best and most current innovations in cloud security and more than 60 % actively prefer to work with vendors who build open-source projects .
The report is based on a survey , commissioned by Aqua , of 100 USbased CISOs at Fortune 1000 or larger companies representing a cross-section of industries . Its purpose was to evaluate security decision makers ’ understanding and perspectives regarding cloud-native security and the use of open-source software ( OSS ).
“ Perceptions of open-source software are evolving . What was once seen as potential risk is now seen as an enabler for both security and business ,” said Paul Calatayud , CISO at Aqua Security . “ This is particularly relevant for cloudnative environments , which benefit from the rapid innovation and agility that are common within the OSS community . These characteristics support CISO interest in working with vendors who are actively supporting OSS projects .”
More than two-thirds of CISOs agree that the easiest first step to securing production workloads is to begin with an inventory and assessment of the entire environment ( 68 %). Using a single source of truth for cloud security is favoured by 69 % of the CISOs , who value it for cutting down on friction between different teams in application development .
Among other findings , the study shows that 88 % of CISOs prioritise both active protection and visibility for workloads as necessary to reduce business risk . In fact , nine out of 10 believe that active protection is a critical element of cloudnative security .
“ Visibility without active protection is not sufficient to keep cloud-native environments secure , which is why Gartner includes it as a key capability of Cloud-native Application Protection Platforms ,” Calatayud said . “ Security teams need the ability to efficiently detect and follow up on risks across their complex , distributed application portfolios , which is why we see most CISOs consider active protection as a non-negotiable for cloud-native security .” u
intelligent CLOUD SECURITY
www . intelligentciso . com
55