Cloud security concerns rise as investment grows
Industry predictions suggest that the world cloud market will exceed $250 billion by 2020, but a new report shows that as cloud investment grows so do security concerns.
Crowd Research Partners has released the results of its 2016 Cloud Security Spotlight Report, created in conjunction with leading cloud security vendors Alien Vault, Bitglass, Cato Networks, CloudPassage, Dell Software, Dome9 Security, IMMUNIO, (ISC)2 and Randtronics.
Among the findings are the main barriers to cloud adoption, led by general security concerns (53 percent, up from 45 percent in last year's survey), legal and regulatory compliance concerns (42 percent, up from 29 percent), and data loss and leakage risks (40 percent). The rise in specific concerns about compliance and integration suggests, say the report's authors, that companies are moving from theoretical exploration of cloud models to actual implementation.
The biggest threat to cloud security comes from unauthorized access through misuse of employee credentials and improper access controls (53 percent). This is followed by hijacking of accounts (44 percent), insecure interfaces/APIs (39 percent), and external sharing of sensitive information (33 percent).
84 percent of respondents are dissatisfied with traditional security tools when applied to cloud infrastructure. Traditional network security tools are somewhat ineffective according to 48 percent of respondents, or completely ineffective (11 percent), 25 percent say effectiveness can't be measured in cloud environments.
Organizations moving to the cloud have a variety of choices available to strengthen their cloud security. 61 percent of organizations say they plan to train and certify existing IT staff, 45 percent want to partner with a managed security services provider, and 42 percent plan to deploy additional security software to protect data and applications in the cloud.
"As organizations look to cloud computing to reduce IT costs, increase agility and better support business functions, security of data and applications in the cloud remains a critical requirement," says Holger Schulze, founder of the 300,000-member Information Security Community on LinkedIn. "The 2016 Cloud Security Report indicates that as organizations increase investments in cloud infrastructure, they are seeking a similar level of security controls and functionality to what's available in traditional IT infrastructures. However, they are finding traditional security tools ineffective in the cloud. In a shared responsibility model, this is an opportunity for organizations to implement effective cloud security solutions to strengthen their security posture and capitalize on the promise of cloud computing".
The full report is available to download from the InfosecBuddy website.
Photo Credit: Slavoljub Pantelic / Shutterstock