Five Surprising Findings From the 2022 Multi-Cloud Security Report

This blog was originally published by Valtix here.

Written by Erik Kristiansen, Valtix.

At the end of last year, Valtix released our first annual 2022 Multi-Cloud Security Report based on an independent research survey of 200 IT leaders. If you haven’t already downloaded your copy, you can do so here.

Beyond being interesting, many of the report’s findings were quite surprising. Here are five findings that stood out to me.

Surprise #1: 94% will be multi-cloud within two years

There have been many surveys about the multi-cloud trend—nothing new there. However, what really drew my attention about our results is just how many organizations will be going multi-cloud by 2024. According to our research, 62% of participants were multi-cloud today. Interestingly, of those who were single cloud today, 84% stated they will be multi-cloud within two years. That’s 94% of the 200 IT leaders surveyed in total. The trend is clear; if it wasn’t before, nearly every company needs to consider its multi-cloud strategy in 2022, and security is right at the center of that.

Surprise #2: 72% customize cloud security strategy per cloud

According to the research, 72% of IT leaders say their cloud security strategy is different in each cloud provider. I’m not sure why, but I expected to see more organizations already taking a multi-cloud security approach. As an industry, we’ve been on the cloud computing journey for well over a decade with an estimated $120B spent in IaaS this year. Given some of the early stats about multi-cloud adoption, it seems the underlying security architecture issue has dragged out. In 2022, this single cloud security mindset must give way to a multi-cloud mindset. Otherwise, security will inevitably become a drag on the business.

Surprise #3: 82% say cloud security complexity freezes businesses

What’s surprising about this one for me is this: IT priority is driven by business priority. Typically, IT leaders are very quick to make changes in the face of business requirements. What’s so different in the case of cloud security? Why aren’t more leaders reacting to this business agility challenge? Unfortunately, I think the other aspect is how many teams are even bypassing or minimizing security controls in the cloud just because security adds time and overhead counter to their needs.

Surprise #4: The cloud is just another datacenter (75%), but cloud security is different (89%)

The next one isn’t one stat, but rather two. From my perspective, these stats highlight a bit of a contradiction in terms of how IT leaders view the cloud.

Stat #1 – 75% of IT leaders see cloud as being an extension of their existing datacenter.
Stat #2 – 89% of IT leaders see cloud security to be different than on-premises approach

Let me get this straight, most view the cloud as an extension of their datacenter, but almost the same portion view cloud security as different? What I think these diverging stats highlight is an interesting dynamic. IT leaders WANT to view the cloud as just another datacenter, but they REALIZE that it’s not the same – at least when it comes to security.

The rub here is, how do they solve this tension? Do they invest more money into making on-prem tools work in the cloud in the name of “hybrid cloud”? Or do they thoughtfully analyze the differences and determine where cloud-native solutions make more sense? Have they created multi-cloud security operating model and architecture that enables them to accomplish their security objectives while minimizing operational redundancies with the cloud? I’ve heard from many cloud security leaders that 2022 might be the year of thoughtful rationalization of tools in the cloud to choose the best model to blend cloud-native with hybrid cloud consistency.

Surprise #5: Multi-Cloud security is a priority and necessity at 97% of organizations, …but it’s underinvested at 76% of companies

Probably the biggest and most surprising result for me was how big a difference there was between perception of multi-cloud security priority versus the reality of implementation. For me, this is a huge indicator that we’re on the cusp of a shift.

The problem is understood.

The business priority is clear.

Now, leaders have the challenging task in the coming year on how to navigate a complex and quickly evolving landscape of multi-cloud security tools.

Who will be the winners and losers?

What platforms will emerge?