Red Hat’s ‘The State of Kubernetes Security for 2023 report’ looks at the specific security risks organizations face regarding cloud-native development, including risks to their software supply chain, and how they mitigate these risks to protect their applications and IT environments.
The report is based on a survey of 600 DevOps, engineering and security professionals from across the globe and uncovers some of the most common security challenges organizations face on their cloud-native adoption journey and their impact on the business. The report also provides best practices and guidance for application development and security teams that could lower their security risk.
Key findings include:
- 38 percent of respondents state that security investment in containerized operations is inadequate, a 7 percent increase from 2022.
- 67 percent of respondents have had to slow down cloud-native adoption due to security concerns.
- More than half of respondents have experienced a software supply chain issue related to cloud-native and containerized development in the past 12 months.
37 percent of respondents identified revenue/customer loss as a result of a container and Kubernetes security incident. These incidents could result in the delay of critical projects or product releases, as businesses must prioritise security efforts to address the vulnerabilities that were missed in the development stage. This delay could have a ripple effect on the business, resulting in further lost revenue, customer dissatisfaction or even loss of market share to competitors. These types of occurrences can also erode customer trust in a business’s ability to protect sensitive data, potentially leading to loss of customers.
By prioritising security early in a cloud-native strategy, organizations are making an investment in protecting business assets, such as sensitive data, intellectual property, and customer information. They are also able to better meet regulatory requirements, drive business continuity, maintain customer trust, and reduce the cost of remediating security issues later on.