By Gregg Ostrowski, CTO Advisor, Cisco AppDynamics
Such is the scale and severity of the security threats engulfing modern applications, some organizations are now actually having to delay or slow down their cloud innovation programs as a result of security issues. Businesses are facing an explosion of security events, with 93% of businesses having experienced at least one security incident in their Kubernetes environments in the past 12 months.
Bad actors are targeting known vulnerabilities within Kubernetes clusters, and these threats will continue to rise as organizations shift to cloud native platforms for nearly all of their innovation initiatives over the next two years. Indeed, Gartner predicts that 95% of new digital workloads will be built on cloud native technologies by 2025.
With applications now firmly established as the front door for nearly all businesses, and digital experience the foundation for brand trust and loyalty, organizations are all too aware of the consequences of any breach on their revenues and reputation. A growing priority for DevOps, engineering and security professionals is to ensure development and deployment of modern applications are secure throughout the entire development cycle and while in production. And very soon it’s going to become a major concern for business leaders across the board.
Traditional approaches for managing application security simply aren’t fit for purpose within highly dynamic cloud native environments, and organizations urgently need to find new solutions.
A lack of visibility and insight to manage new threats
Over recent years, application release velocity has skyrocketed as organizations have accelerated their digital transformation programs to meet changing customer needs and to enable hybrid work. But in the rush to deliver new applications, security has often struggled to keep pace.
With the shift to cloud native applications and architectures, organizations are experiencing a massive expansion in attack surfaces, leaving major visibility gaps for IT teams managing Kubernetes environments.
We recently asked global technologists about the challenges they are facing in managing application security and two-thirds reported that their current security solutions work well in silos but not together. This means that they can’t get a comprehensive view of their organization’s security posture. IT teams are being bombarded with security alerts from multiple vulnerability scanning tools but they can’t cut through the data noise to quickly analyze issues and understand the level of risk.
In fact, the same study found that 59% of technologists are understandably feeling overwhelmed by the volume of security threats and vulnerabilities to their organization – they simply haven’t got the insights and resources required to manage an ever more complex application security landscape. Unfortunately, the result is that many IT teams are ending up in ‘security limbo’, not being able to deliver the impact they would like because they simply don’t know what to focus on and prioritize. And inevitably, as a result, the likelihood of a revenue-impacting security event rises higher.
Organizations must embrace business risk observability to counter soaring levels of risk
In order to securely develop and deploy modern applications, organizations need expanded visibility into Kubernetes environments to locate and highlight security issues across application entities (including business transactions, services, workload, pods and containers). Entity level correlation enables IT teams to quickly isolate issues and apply fixes, improving metrics such as mean time to detect (MTTD) and mean time to remediation (MTTR).
But IT teams also need to add business context to their security findings, to rapidly locate, assess and prioritize risk and remediate issues based on potential business impact.
Business risk observability brings together application performance data and business impact context with vulnerability detection and security intelligence so that IT teams can easily identify which business transactions present the greatest risk to the business. It provides organizations with a business risk score for all vulnerabilities so that they can prioritize the issues with the potential to do most damage to the business – for example, issues which are associated with highly sensitive customer data.
Another major benefit of business risk observability is that it breaks down silos across the IT department and brings applications and security teams together around a single source of truth for all application availability, performance and security data. It provides a platform for organizations to move to DevSecOps and a more integrated approach to security throughout the application lifecycle. Development teams can easily adhere to their organization’s most critical security priorities and embed robust security into every line of code. This will result in more secure applications and easier security management, before, during and after release.
Business risk observability eases the pressure on over-stretched IT teams, providing technologists with the tools and insights they need to regain control, make smart decisions and deliver a positive impact for their organizations.
Significantly, technologists in all sectors are waking up to the need for business risk observability. . The good news is that there are now solutions available which can help organizations meet the challenge of security within modern application environments.
The urgency with which organizations need to implement these tools, along with process and cultural change, is only increasing. They cannot afford to get left behind in the shift towards business risk observability. With the right strategy in place, they can mitigate business risk, empower their teams, and keep their digital transformation programs on track.