Companies are still struggling to secure the cloud
A new survey from data analytics platform Sumo Logic finds a staggering 98 percent of European companies face organizational challenges implementing security in cloud environments.
The survey of over 300 IT security professionals responsible for environments with significant investment in both cloud and on-premise IT infrastructure covered the US and Canada, and Europe, The Middle East and Africa (EMEA).
Among the findings are that 41 percent of EMEA respondents say that cloud requires a different approach to security management, compared to just 31 percent in the North America. Also 86 percent of EMEA respondents say that their priorities have changed as IaaS adoption has increased. 12 percent said the level of investigation work would remain the same.
Only 11 percent of EMEA companies involve both technology and business roles in their security leadership team. 26 percent have security leadership solely by the IT security team, but sponsored by a business role, while 42 percent have a mix of IT security, operations and other technology roles on the security leadership team. Around 20 percent of companies have IT security solely managed and run by the IT security department
"One of the biggest takeaways from the findings is that European companies see more of a difference in how they have to think about security for the cloud compared to US and Canadian companies," says Mukesh Sharma, vice president, EMEA at Sumo Logic. "The growth of cloud demands more flexibility and agility around security, and many companies are struggling to adapt their legacy tools like SIEM for modern IT infrastructure."
Among other findings are that 63 percent say the cloud requires broader technical expertise to understand threats. 54 percent say greater cross-team coordination is necessary for security in their cloud environment, and 51 percent say staff overload is a challenge for security in their cloud environment.
"Under the recently passed GDPR law, the scope of personal information has been expanded to cover data like IP addresses as well as demographic information, meaning companies have to track all the data they create over time and ensure that it is kept secure," adds Sharma. "As more organisations continue to adopt cloud infrastructure, building a security and privacy by design program enables them to leverage their machine data to spot potential gaps around security and stop them from becoming compliance risks for the business."
The full report is available from the Sumo Logic website.