Ermetic | August 05, 2022
Ermetic, the cloud infrastructure security company, today released the findings of a research study conducted by Osterman Research on the cloud security maturity level of organizations in North America. The survey found that 84% of respondents were at an entry level (one or two) in terms of their cloud security capabilities and only 16% ranked at the top two levels. Meanwhile, 80% of companies reported they lack a dedicated security team responsible for protecting cloud resources from threats. The survey also revealed the top five priorities that all highly mature companies have in common when it comes to cloud security.
Osterman Research surveyed 326 organizations in North America with 500 or more employees and who spend a minimum of $1 million or more each year on cloud infrastructure to establish an industry baseline against the Ermetic Cloud Security Model. The model was designed to provide organizations with a lightweight framework for determining their maturity level (1 - Ad Hoc, 2- Opportunistic, 3- Repeatable, 4- Automated & Integrated) across multiple domains, while allowing them to develop a specific, actionable roadmap for advancing their capabilities.
“One of the most unexpected findings that emerged from this study was the lack of cloud security maturity among the largest enterprises surveyed,” said Michael Sampson, senior analyst for Osterman Research and author of the report. “Less than 10% of companies with more than 10,000 employees reported being at the top two maturity levels, while nearly 20% of smaller enterprises have achieved repeatable or automated & integrated cloud security capabilities.”
Other Report Highlights
Demonstrable ROI: 42% of companies investing more than 50 hours per week on cloud security are achieving the highest levels of maturity (Levels 3 and 4)
Bigger not better: Only 7% of companies with more than 10,000 employees were at level three or four in terms of maturity, compared with 18% for companies with between 2,500 and 9,999 employees, and 24% for companies with 500 to 2,499 employees
Overall, maturity is low: 84% of companies were at level one or two (41.5% Ad Hoc and 42.5% Opportunistic) and only 16% at level three or four (11.1% Repeatable and 4.9% Automated & Integrated)
More clouds doesn’t equal more maturity: the percentage of companies that ranked at the highest levels of maturity (3 & 4) decreased with multicloud usage. For example, the number of organizations achieving Repeatable or Automated & Integrated security capabilities dropped nearly 50% when going from one (10%) to three (6%) cloud platforms
Shared blindspot: 81% of organizations lack full visibility into all resources that are directly accessible from the Internet
“This survey makes two things very clear. Without the right tools, spending lots of time and resources on cloud security will not necessarily make you more secure,” said Shai Morag, CEO of Ermetic. “And, by focusing on the right priorities you can achieve a very high level of security maturity regardless of your organization’s size.”
Five Habits of Highly Mature Companies
Organizations that reported focusing on the five following security priorities achieved the highest levels (3 or 4) of maturity:
Detecting general cloud misconfigurations (e.g., unencrypted resources, MFA)
Achieving the ability to track and investigate activities performed by human users and applications/service accounts across the cloud infrastructure
Establishing Just-in-Time (JIT) access for developers / DevOps / Cloud operations teams to cloud infrastructure environments
Evaluating and reporting on alignment with security best practices (e.g., AWS well-architected, CIS) and compliance standards (e.g., NIST, ISO, SOC2, PCI-DSS)
Achieving least-privilege for identities in the cloud (both human identities and service accounts)
Ermetic helps prevent breaches by reducing the attack surface of cloud infrastructure and enforcing least privilege at scale in the most complex environments. The Ermetic SaaS platform provides comprehensive cloud security for AWS, Azure and GCP that spans both cloud infrastructure entitlements management (CIEM) and cloud security posture management (CSPM). The company is led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Forgepoint, Glilot Capital Partners, Norwest Venture Partners, Qumra and Target Global.
eStruxture | August 04, 2022
Today, eStruxture Data Centers, the largest Canadian cloud and carrier-neutral data center provider, is pleased to announce that it has signed the Infrastructure Masons Climate Accord (ICA), which unites over 70 companies to reduce carbon in digital infrastructure materials, products, and power.
“At eStruxture, we are committed to designing and powering our data centers sustainably, and we are thrilled to be a part of this important initiative to promote global carbon accounting of digital infrastructure and work together with our industry peers towards a Net Zero future.
Todd Coleman, President and CEO of eStruxture
The ICA includes several large hyperscale companies, representing some of the largest digital infrastructure portfolios in the world, and over 40 colocation data center providers, product, service and investment firms. Together with these industry trailblazers, eStruxture will collaborate to adopt open standards, policies, and reporting around carbon reduction to drive industry accountability.
“We established iMasons to unite the builders of the digital age,” said Dean Nelson, Chairman and Founder of Infrastructure Masons. “The ICA represents an unprecedented collaboration between leading digital infrastructure companies to accelerate our journey to carbon neutrality. Today, we are combining forces to compound the efforts of these firms to make meaningful and sustained progress toward that goal.”
Sustainability is one of the core fundamentals that eStruxture was built upon and signing this accord is an important step on the company’s journey to reducing the environmental impact of the data center industry and building a better future.
About Infrastructure Masons
Infrastructure Masons (iMasons) is a non-profit, professional association of technology and business leaders who represent over $150Bn in infrastructure projects in over 130 countries. The organization is guided by an Advisory Council composed of global leaders who manage some of the largest digital infrastructure portfolios in the world. The iMasons vision is to Unite the Builders of the Digital Age by enabling our global membership to Connect, Grow, and Give Back. Members leave their companies at the door and connect as individuals. iMasons has four strategic industry priorities – increase Awareness, enhance Education opportunities, champion Diversity & Inclusion, and inspire Sustainability through deep member engagement. Visit the website at imasons.org or LinkedIn.
eStruxture is the largest Canadian data center provider with locations in Montreal, Toronto, Vancouver, and Calgary. Our solutions are designed to give you more: more locations, more capacity, more connections that enable you to run modern, demanding enterprise applications, and offer your business the control to rapidly scale in response to unpredictable changes in business processes.
365 Data Centers | August 03, 2022
365 Data Centers, a leading provider of network-centric colocation and other Infrastructure-as-a-Service (IaaS) solutions, has entered into an Asset Purchase Agreement to acquire Sungard’s U.S. colocation and network business.
365 is acquiring the international colocation brand’s data center facilities and customers in 8 strategic edge markets along with its U.S. network infrastructure, routes, and customers. The transaction will complement 365’s existing data center presence in Boca Raton, Bridgewater (NJ), Buffalo, Chicago, Commack (NY), Detroit, Fort Lauderdale, Herndon (VA), Nashville, Philadelphia, New York City, and Tampa, and its interconnected, resilient, low latency, nationwide fiber network.
Once this acquisition is closed and integrated, 365 will feature:
20 interconnected network-centric Data Centers
1,000,000 data center square feet which includes ample expansion space
53 MW of available power
105 Carriers across the platform with about 300 Carrier Points-of-Presence (PoPs)
90 additional network PoPs outside the 20 Data Centers
Direct on-ramps from each Data Center to the public clouds
Cloud storage, cloud compute, BaaS, DRaaS, and business continuity offerings
1,700 carrier, content, and enterprise customers
“This acquisition demonstrates 365 Data Centers’ adherence to its network-centric colocation growth strategy. “We have already successfully doubled our business two times since inception in 2017 by acquiring, financing, integrating, and growing quality assets. We look forward to doing the same with the addition of the Sungard colocation and network portfolio, which will further enable us to provide quality services, grow our customer base, and deliver exceptional financial performance, all of which benefits our customers, employees, and investors.”
Bob DeSantis, 365 Data Centers CEO
Sungard employees associated with the acquired business are expected to continue to serve existing customers and will be complemented by the 365 technical team. Added DeSantis, “We look forward to having Sungard professionals join 365 and wowing our entire customer base with the combined talents of over 200 dedicated employees.”
Funding for the transaction has already been secured from 365’s existing equity owners, including Stonecourt Capital which invests capital from some of the world’s largest family offices, institutions and sovereign wealth funds, and the Company’s bank syndicate, which represents the premier lenders to the data center industry.
The deal is expected to close during the next three months. This transaction further solidifies 365’s position as one of the largest privately held IaaS providers operating in the Eastern United States with direct network connectivity to owned facilities in key western markets to serve customers with those geographic requirements.
About 365 Data Centers: 365 Data Centers is a leading provider of hybrid Data Center solutions in 12 strategic, primarily edge, markets. Along with network-centric Data Centers in Boca Raton, Bridgewater (NJ), Buffalo, Chicago, Commack (NY), Detroit, Fort Lauderdale, Herndon (VA), Nashville, Philadelphia, New York City, and Tampa, the company operates an interconnected, resilient, low latency, nationwide fiber network. 365 serves more than 1,300 customers.
365’s robust, carrier-neutral ecosystem and secure, reliable edge colocation, network, IP, DRaaS, BaaS, cloud compute and storage, and business continuity services help organizations reduce costs, drive innovation, and improve their customer experience. 365 Data Centers supports mission-critical application infrastructure by providing industry leading Service Level Agreement protections and adhering to industry standards such as HIPAA, PCI DSS, SOC 1 Type 2, SOC 2 Type 2, SSAE 18, and ISAE 3402. 365 Data Centers’ corporate office is headquartered in Norwalk, Connecticut.