Commissioned by Ermetic

Published August 2022

Executive Summary

Osterman Research surveyed over 300 organizations in North America with 500 or more employees and who spend a minimum of $1 million or more each year on cloud infrastructure to find out how they assess their own cloud security maturity. 

The goal was to establish an industry baseline against the Ermetic Cloud Security Model, which was designed by Ermetic to provide a lightweight framework for determining an organization’s maturity level across multiple domains and developing a specific, actionable roadmap for advancing their capabilities. 

Key takeaways:

  • 84% of organizations are at only an entry level (level one or two) with their cloud security capabilities
  • 42% of companies spending 50 hours/week or more on cloud security are achieving the top maturity levels (level three or four)
  • 80% of companies reported they lack a dedicated security team responsible for protecting cloud resources from threats
  • Organizations with certain security priorities reported higher levels of cloud security maturity

Download from Ermetic

Attend the webinar: State of Cloud Security Maturity 2022 (August 17)