UK CISOs plan increased cloud security investment by 2025

Yesterday

CISOs in the United Kingdom are planning to increase their investment in cloud security throughout 2025, as per research conducted by Westcon-Comstor.

The study surveyed 500 Chief Information Security Officers and senior security executives across enterprises with at least 1,000 employees in the UK, France, Germany, Italy, and the UAE. It revealed that 84% of UK-based security leaders are set to invest in Cloud-Native Application Protection Platform (CNAPP) technologies in the coming year, slightly surpassing the international average of 83%.

Security leaders across these regions identified three primary investment priorities: AI Security Posture Management (AI-SPM), Cloud Security Posture Management (CSPM), and Application Security Posture Management (ASPM). In the UK, 45% of respondents also expressed a significant interest in investing in Software Composition Analysis.

The survey further indicated substantial growth opportunities for channel partners such as resellers and managed security service providers, with 95% of respondents already engaging with such partners in procuring and deploying cloud security solutions. Training and enablement emerged as the most valued benefit from channel partners, especially highlighted by UK respondents where 51% emphasised its importance compared to a 40% international average.

Approximately 29% of the surveyed UK executives pointed out cost-effective access to new solutions as their key reason for partnering with channel providers, while 20% valued assistance in navigating the cloud security market and selecting optimal solutions.

When discussing the reasons behind adopting CNAPP, security leaders cited the desire to consolidate various security capabilities into a single platform to minimise complexity and tackle issues arising from multiple cybersecurity vendors and tools. Further motives included integrating security and compliance testing and achieving unified risk visibility across cloud environments and software development stages.

In the UK, there is a pronounced inclination towards integrating a DevSecOps approach, with 81% of security leaders acknowledging its necessity to align with the ongoing 'shift left' trend. This suggests a greater proportion than the international average of 75% and indicates a move towards shifting operational responsibilities towards developers and cloud architects.

The findings are accompanied by Westcon-Comstor's plans to introduce a new X2C (everything to cloud) cybersecurity strategy in 2025, aiming to encourage partner and vendor growth across four key areas: code to cloud, infrastructure to cloud, data to cloud, and identity to cloud.

Daniel Hurel, Senior Vice President, Westcon EMEA Cybersecurity & Next-Generation Solutions at Westcon-Comstor, stated, "CNAPP offers a holistic approach to securing cloud infrastructure, bringing together various security functions and capabilities in a single, unified platform to provide comprehensive security across the entire software development lifecycle, from code to cloud." He added, "As the cloud security market continues to evolve, we're seeing CNAPP become the go-to solution for securing cloud workloads. Our research suggests that this presents an opportunity for the IT channel, with particularly strong demand for training and enablement. Partners who establish themselves in this high-growth area stand to reap the rewards in 2025 and beyond."

Share on: