2020年云原生安全报告（英文）

The State of Cloud Native Security Report 20202Table of Contents3 Introduction4 About the report7 Executive Summary10 The State of the Cloud and Cloud Native Adoption10 Introduction11 Cloud adoption is high and growing11 By industry11 By company size11 By geography11 Multicloud is the norm12 Public cloud vs. private cloud: It’s a wash14 Companies use a blend of compute technologies16 How much companies invest in cloud17 Challenges to cloud adoption19   The State of Securing the Cloud and Cloud Native Workloads19 Introduction20 Cloud security is an ever-moving goalpost20 The threats and challenges to cloud security 21 Investing in cloud security22 Security team structure22 Security tools and vendors: More does not always equal better26 Measuring Security Preparedness27 A new measurement framework: Security preparedness27 Cloud security actions 28 Practices common to organizations with high preparedness levels31 Feedback32 Demographics32 Location32 Annual revenue32 Knowledge of cloud use and cloud security34 Position in organizational hierarchy34 Departments and teams36 MethodologyThe State of Cloud Native Security Report 20203As the engine that powers business, science, education, government and so many other human endeavors, computing has evolved enormously over the past few decades – and that evolution is accelerating. Today, the focus is less on the hardware underlying computing and more on the application itself – the thing that delivers actual value. We abstract computing away from the hardware as much as possible, in myriad ways: the concept of the cloud itself, as well as the specific technologies for operating in the cloud, such as virtual machines (VMs), infrastructure as a service (IaaS), platform as a service (PaaS), containers, managed container services such as Kubernetes and more.As we adopt all these enabling technologies, we introduce a new responsibility: securing cloud systems and the data we’re running on them. The need to address threats such as operating system and application vulnerabilities, cross-site scripting or SQL injection, and accessing data at rest has created an entire market for security tools and services. Today we have a whole new set of decisions to make, security plans and protocols to create, and processes to develop and implement.That’s why you now have this STATE OF CLOUD NATIVE SECURITY report in front of you. The companies behind this survey and research project all want to better understand the landscape our customers are operating in, so we can do a better job of helping them. We also want to share the knowledge we’ve gained with you, and everyone involved with securing the cloud, to keep our and our customers’ information safe and secure.IntroductionThe State of Cloud Native Security Report 20204About the reportThe first STATE OF CLOUD NATIVE SECURITY report from Palo Alto Networks and Accenture outlines the practi