SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
APM
#
Application Security
#
Breach Prevention

Red Hat report reveals major security concerns with Kubernetes

Mon, 15th Jul 2024
Author image
By Shannon Williams, Journalist

Red Hat has released its annual State of Kubernetes Report, revealing significant security concerns among organisations worldwide. According to the report, nearly half (46%) of all organisations experienced revenue or customer loss last year due to container or Kubernetes security incidents.

The survey included 600 IT professionals globally, shedding light on the prevalent security challenges associated with Kubernetes adoption. The report found that almost all organisations (89%) had encountered at least one container or Kubernetes-related security incident in the past year. However, 42% of respondents disclosed that their companies do not invest sufficiently in container security.

IT leaders need to prioritise Kubernetes security, as the report indicates. Among the various security risks identified, vulnerabilities in the environment were a significant concern for 33% of IT specialists. Additionally, 27% were worried about misconfigurations, and 24% were concerned about external attacks.

Kubernetes and containers add new software layers, increasing complexity and introducing additional security risks to critical infrastructure. Robust security measures are essential to protect against vulnerabilities, unauthorised access, and data breaches. Specifically, professionals are concerned about coding errors (36%), exposed or unprotected sensitive data (34%), and poor network security (32%).

The report also highlights a disparity in security investment and responsibility within organisations. Security is often viewed as a shared responsibility, with only 34% of respondents stating that the security team holds primary responsibility for Kubernetes security. In contrast, operational teams such as Ops (18%), DevOps (17%), and DevSecOps (15%) share the majority of the responsibility in 50% of the cases.

Addressing these security concerns, Red Hat provides a range of recommendations for successful Kubernetes security. They suggest using security measures specifically designed for Kubernetes, extending security across all application lifecycle phases, and implementing tools that support DevSecOps practices.

The widespread adoption of Kubernetes necessitates stringent security measures from the outset to protect applications while maintaining efficiency and usability. As security incidents continue to impact revenue and customer retention, organisations must reassess their security strategies and investments to mitigate these risks effectively.

Based on data from a survey of 600 DevOps, engineering, and security professionals around the world, the 2024 edition of the State of Kubernetes security report examines some of the most common cloud-native security challenges and business impacts that organisations of all sizes experience.

The report provides organisations with 13 key findings based from the survey and actions they can take to increase the security of a business' cloud-native environment.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
HackerOne launches PartnerOne to expand global cybersecurity access
NetApp enhances IT infrastructure for Semyung University
Revenera unveils OSS Inspector plugin for IntelliJ IDEA users
Unmonitored channels – Express malware delivery bypassing Secure Web Gateways
Open Union partners with L2X Networks for advanced networking
Top stories
Forescout's 2024 H1 Threat Review reveals surge in cyber threats
Andre Schindler promoted to SVP at NinjaOne amid growth
Indosat launches IMSecure to bolster customer data protection
Absolute Security acquires Syxsense to boost resilience platform
Cybercriminals use legitimate software for attacks increasing