Gartner CNAPP for Enterprise Cloud Adoption

Fellows Redditors,

My office is currently transitioning to the cloud and using several different vendors depending on the application needs.
My CTO asked to dig up information about cloud security adoption and I found Gartner CNAPP information.
Are their guidelines valid enough for my company? for context, we have regulations from PCI and my CTO really likes NIST adoption for onpremise solutions and most likely he will also ask me to look at it from the NIST Cloud Adoption side …

adoption application cloud cloud adoption cloud security cnapp context cto cybersecurity dig enterprise gartner guidelines information office pci regulations security valid vendors