Report: State of Cloud Security Maturity 2022

We recently commissioned Osterman Research to survey more than 300 organizations in North America with 500 or more employees and who spend a minimum of $1 million or more each year on cloud infrastructure to find out how they assess their own cloud security maturity. 

The goal was to establish an industry baseline against the Ermetic Cloud Security Model, which we designed to provide a lightweight framework for determining an organization's maturity level across multiple domains and developing a specific, actionable roadmap for advancing their capabilities.

Among the key findings, the research revealed that:

  • 84% of organizations are at only an entry level (level one or two) with their cloud security capabilities
  • 42% of companies spending 50 hours/week or more on cloud security are achieving the top maturity levels (level three or four)
  • 80% of companies reported they lack a dedicated security team responsible for protecting cloud resources from threats
  • Organizations with certain security priorities reported higher levels of cloud security maturity

Fill in the form to access the rest of the findings in the full report.