ake1150 - stock.adobe.com
Red Hat encouraging partners to talk Kubernetes security
Vendor identifies issues being faced by customers to arm its channel with a guide to the topics that matter most to users
When a vendor commissions research, one of the planned uses for the finished results is to share the information with partners to help them drive conversations with users, and that has been the case with Red Hat after The state of Kubernetes security report: 2024 edition.
Simon Mead, head of ecosystems for Northern Europe at Red Hat, said it has encouraged its channel to take the headline findings and lay them out to customers to spark a debate about improving security.
“The state of Kubernetes security for 2024 report underscores the critical importance of robust security measures as Kubernetes adoption continues to rise,” he said. “With nearly 90% of organisations experiencing at least one container or Kubernetes security incident in the past year, and almost half facing revenue loss or customer churn, it’s clear that effective security planning and tooling are essential.
“This report highlights areas of opportunity for Red Hat partners to raise these important findings to our joint customers, and engage in conversations about how Red Hat’s technology and approach to Kubernetes can de-risk many of the report’s findings,” said Mead.
James Read, principal ecosystem solution architect at Red Hat, said there were repercussions for partners if Kubernetes security was not adequately addressed.
“Kubernetes is fundamentally a computer platform, and like other platforms such as virtualisation or serverless, it serves as a foundation for business applications to run,” he said. “Having an insecure foundation can put businesses at risk of compromise, data leakage, downtime and other risks.
“Partners who are running Kubernetes as a service for customers, or who are recommending Kubernetes solutions to their customers, often find it’s difficult to provide a comprehensive secure solution just on their own,” said Read, adding that they could work with Red Hat to cover off those gaps.
Dealing with security concerns
Read said there was also evidence that security concerns had slowed down user adoption of Kubernetes, and that dealing with those would also benefit its channel.
“One of the key findings of the report is that 67% of organisations delayed or slowed down Kubernetes deployments due to security concerns, at a time when those same organisations are looking to Kubernetes to speed up their application innovation and empower developers,” he said. “Partners that can help reduce and de-risk security concerns in collaboration with Red Hat can simply accelerate those deployments.
“Beyond just the technology aspect of security – patches, firewalls and secure configuration – the report also shows that 48% of respondents are in the early stages of developing DevSecOps initiatives,” said Read. “We’re at a time where customers are looking for partners who have experience and expertise in implementing initiatives like DevSecOps.”
The vendor is encouraging its channel to chart the challenges customers are facing and improve their ability to lead the Kubernetes security conversation.
“While partners may have been comfortable talking about the technology side of securing Kubernetes in the past, partners who are able to raise the conversation away from just the lower-level security concerns, and instead guide customers towards implementing security best practices, and providing guidance on building DevSecOps teams, will see themselves as getting far greater strategic attachment within their customers,” said Read.
“Customers are ultimately looking for partners who can help them implement a secure Kubernetes solution, without security being a roadblock, or be seen to slow things down,” he added.