* [Blog](https://www2.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/)
* [DevSecOps](https://www2.paloaltonetworks.com/blog/cloud-security/category/devsecops/)
* The Cloud Shift Is Now: B...

# The Cloud Shift Is Now: Boost Your Enterprise Security Portfolio

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2021%2F02%2Fcloud-shift%2F)  
[](https://twitter.com/share?text=The+Cloud+Shift+Is+Now%3A+Boost+Your+Enterprise+Security+Portfolio&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2021%2F02%2Fcloud-shift%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2021%2F02%2Fcloud-shift%2F&title=The+Cloud+Shift+Is+Now%3A+Boost+Your+Enterprise+Security+Portfolio&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2021/02/cloud-shift/&ts=markdown)  
\[\](mailto:?subject=The Cloud Shift Is Now: Boost Your Enterprise Security Portfolio)  
Link copied  
By [Bisham Kishnani](https://www.paloaltonetworks.com/blog/author/bisham-kishnani/?ts=markdown "Posts by Bisham Kishnani") and [Unmesh Deshmukh](https://www.paloaltonetworks.com/blog/author/unmesh-deshmukh/?ts=markdown "Posts by Unmesh Deshmukh")  
Feb 19, 2021  
5 minutes  
[DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown)  
[Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)  
[best practices](https://www.paloaltonetworks.com/blog/tag/best-practices/?ts=markdown)  
[Cloud Native Security Platform](https://www.paloaltonetworks.com/blog/tag/cloud-native-security-platform/?ts=markdown)  
[Cloud Security](https://www.paloaltonetworks.com/blog/tag/cloud-security/?ts=markdown)  
[DevSecOps](https://www.paloaltonetworks.com/blog/tag/devsecops/?ts=markdown)  
[Shift-left](https://www.paloaltonetworks.com/blog/tag/shift-left/?ts=markdown)

In the aftermath of the pandemic, companies are determined to enhance operational efficiencies and rapidly move to the cloud. Whether for new initiatives or to replace existing systems, traditional IT solutions are being redeployed to the cloud. This growing preference for "cloud first" has been termed by Gartner as "[cloud shift](https://www.gartner.com/smarterwithgartner/cloud-shift-impacts-all-it-markets/)." According to Gartner's latest IT spending forecast, the amount spent on cloud system infrastructure will reach [$81 billion by 2022](https://www.gartner.com/smarterwithgartner/cloud-shift-impacts-all-it-markets/) (from about $63 billion in 2020). Additional data indicates that, of organizations currently using cloud services, [70% plan to increase their cloud spend](https://www.gartner.com/en/newsroom/press-releases/2020-11-17-gartner-forecasts-worldwide-public-cloud-end-user-spending-to-grow-18-percent-in-2021).

## Disruptive Innovation: New Opportunities and Next-Generation Solutions for Cloud

Given the increasing proliferation of cloud strategies, we are now at the cusp of creating a foundation for new opportunities and next-generation solutions to define the future. Trends we are likely to see:

- **Alignment of individual cloud decisions with organization goals**: Developer-led organizations are innovating rapidly, more cost-effectively and with increased independence as they build new products and services to keep up with competitive market conditions. These organizations are looking beyond short-term benefits and investing in a cloud foundation to increase competitiveness, so as to accommodate technologies such as artificial intelligence (AI), advanced data analytics, IoT and edge computing.

- **Workflow agility**: Instead of achieving perfect final products, an agile methodology looks at short, rapid iterations in the software development process. DevOps, which governs the testing, security and deployment of software, is now increasingly constructing tool sets based on cloud computing models. These models enable both automation and repeatability of the entire developmental process, reducing errors, shortening responsiveness and enhancing speed to market.

- **Purpose-built security deployment:** Increasing cloud adoption means that the DevOps and infrastructure teams are leveraging microservices for their cloud applications. Therefore, more entities within production and the application lifecycle need to be protected. [Cloud native](https://www.paloaltonetworks.com/blog/prisma-cloud/) development, which includes a combination of virtual machines (VMs), containers, Kubernetes and serverless architectures, has different security requirements and hence requires a purpose-built approach to security.

**- Shift left and automation:** [Shifting left](https://www.paloaltonetworks.com/blog/2021/02/prisma-cloud-bridgecrew/) means moving security up in the development process, thereby placing emphasis on prevention over detection. Here, tests are conducted earlier, achieving continuous testing and continuous deployment.

Alongside cloud adoption, as we move forward, emphasis needs to be laid on cloud security so as to [prevent unauthorized access](https://unit42.paloaltonetworks.com/iam-roles-compromised-workloads/) to data and applications deployed to the cloud.

## Best Practices to Adopt a Secure Cloud Strategy

We are in the midst of a new era of cloud, with multi-cloud strategies, provider independence and enterprise agility, where cost optimization will be crucial. Below are cloud security recommendations for enterprises opting to make a cloud shift.

**- Consider a comprehensive cloud native security platform:** The first step is to consider a "cloud smart" approach, one that balances an organization's goals with business value. Along with the explosion in cloud adoption, there are several unmanaged risks that need a comprehensive, all-encompassing solution which offers [Cloud Security Posture Management](https://www.paloaltonetworks.com/blog/prisma-cloud/category/cloud-security-posture-management/) (CSPM), a [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/prisma-cloud/category/cloud-workload-protection/) (CWPP), [Microsegmentation](https://www.paloaltonetworks.com/prisma/cloud/identity-based-microsegmentation) and [Cloud Infrastructure Entitlement Management](https://www.paloaltonetworks.com/prisma/cloud/cloud-infrastructure-entitlement-management) (CIEM).

- **Enforce granular and uniform visibility, compliance, governance and risk management**: This is absolutely essential for the handling of sensitive information as this helps automate data governance. Enterprises must ensure granular and uniform policies from a single control point for all the organization's cloud applications. Granular visibility gives a peek into which actions are being taken by users within cloud apps, allowing for anomaly detection.

**- Ensure** **your security provider is fully API-enabled for automation**: APIs have changed the game with regard to the manner in which we communicate and transfer data. Hacked APIs, however, can make enterprise data extremely vulnerable. Securing every single API is expensive and cumbersome, and API deployments should be secured automatically.

- **Prioritize CSPM to ensure infrastructure and workloads are configured properly**: CSPM must extend into the development process to monitor and fix security issues automatically and protect sensitive data against misconfigurations, with no overhead configuration costs. CSPM is useful for businesses that have multi-cloud platforms, as it is interoperable. It helps proactively consolidate possible misconfigurations, mitigate risk, prevent data leakage and create a transparent platform for information relay.

- **Address the requirements of protecting cloud workloads, including server workload protection, container security and serverless security capabilities**: A CWPP refers to a workload-centric security solution that includes physical servers, VMs, containers and serverless workloads. With organizations having to grapple with legacy infrastructure, migration to the cloud is not always easy. Add to this the fact that they are often coping with a fragmented environment that is multi-cloud and hybrid. These changing workloads can introduce increased risk -- but it can be mitigated through CWPP.

**- Enforce permissions and secure identities across workloads and clouds**: While migrating from on-premises deployments to using cloud-based services, identity management becomes more complex. It is therefore imperative for organizations to implement robust access management policies, ensuring that privileges are role-based and monitored.

- **Have the ability to enforce identity-based microsegmentation**: Microsegmentation is an emerging security best practice that allows security architects to segment the data center into separate zones. Security teams then leverage this zone approach, establish controls and deliver services for each unique infrastructure segment to enhance an organization's security defense.

It is clear that the cloud shift is here and now, presenting both an opportunity and a risk for IT leaders. We've put a lot of thought into how we can help, and we believe that's part of why Palo Alto Networks was named as the recipient of the [2020 Asia-Pacific Cloud Workload Protection Solution Vendor of the Year](https://www.prnewswire.com/news-releases/leading-organizations-honored-by-frost--sullivan-in-the-final-2020-asia-pacific-best-practices-virtual-awards-ceremony-301194850.html) by Frost \& Sullivan as one of its Best Practices Awards. Learn more at our webinar on Feb. 23, "[2021 Cloud Security Trends](https://register.paloaltonetworks.com/prismacnswebinar-2021cloudsecuritytrends)."

*** ** * ** ***

## Related Blogs

### [DevSecOps](https://www.paloaltonetworks.com/blog/cloud-security/category/devsecops/?ts=markdown), [Secure the Cloud](https://www.paloaltonetworks.com/blog/category/secure-the-cloud/?ts=markdown)

[#### Prisma Cloud Native Security Platform Embeds Security into DevOps Lifecycle](https://www2.paloaltonetworks.com/blog/cloud-security/cloud-native-security-platform-2/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Government](https://www.paloaltonetworks.com/blog/category/government/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### Palo Alto Networks Conformance to the NCSC Cloud Security Principles](https://www2.paloaltonetworks.com/blog/2023/01/conformance-to-the-ncsc-cloud-security-principles/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Hybrid Cloud Data Center](https://www.paloaltonetworks.com/blog/network-security/category/hybrid-cloud-data-center/?ts=markdown), [Network Perimeter](https://www.paloaltonetworks.com/blog/network-security/category/network-perimeter/?ts=markdown), [Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)

[#### Virtual Firewall ROI --- US Signal and Guest from Forrester Explain](https://www2.paloaltonetworks.com/blog/2022/07/virtual-firewall-roi/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)

[#### Russia-Ukraine Cyber Activity Makes Security Best Practices Imperative](https://www2.paloaltonetworks.com/blog/2022/03/russia-ukraine-cyber-activity-best-practices/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Ransomware as a Service: Defend by Reinvesting in the Fundamentals](https://www2.paloaltonetworks.com/blog/2021/10/raas-defense-in-depth/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### Ransomware as a Service: Criminal "Entrepreneurs" Evolve Ransomware](https://www2.paloaltonetworks.com/blog/2021/10/ransomware-as-a-service/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language