Security professionals now think cloud is safer than on-premise
New research from internet infrastructure company Nominet finds that 61 percent of security professionals believe the risk of a security breach is the same or lower in cloud environments compared to on-premise.
The study of nearly 300 UK and US C-level security professionals, marks a major shift in the perception of security of the cloud. However, it doesn't mean the cloud is viewed as entirely safe.
In fact 71 percent of respondents are either moderately, very or extremely concerned about malicious activity in cloud systems. As new regulations such as the GDPR have increased the potential penalties, over half (56 percent) of respondents cite fines for data leaks as their biggest concern, closely followed by the increasing sophistication of cyber criminals (54 percent).
US respondents are more wary of the cloud than their UK counterparts, almost twice as likely to be extremely concerned (21 percent versus 13 percent). Those respondents from heavily regulated industries are also more likely to be very or extremely concerned by the security risk posed by the cloud. In healthcare 55 percent worry about the risks, in financial services 47 percent and in pharmaceuticals 46 percent.
The results also show organizations that have been breached in the past 12 months are more than twice as likely to say the cloud is higher risk (52 percent versus 25 percent).
"Security has traditionally always been cited as a barrier to cloud adoption, so it is significant that the perceived risk gap between cloud and on-premise has disappeared," says Stuart Reed, VP of cyber security at Nominet. "It is evident that security concerns are no longer an insurmountable barrier to cloud deployments given the high adoption rate of cloud services. And, as we move into the 'cloud era', arguably security teams need to channel their concern into finding solutions that work with the cloud, just as they have been doing in an on-premise environment. The shift in attitude between on-premise and cloud doesn't change the remit for security teams, it just puts us on a different type of playing field."
The research also looks at the relative security of cloud storage strategies and finds that a multi-cloud approach is seen to be more risky than hybrid and single-cloud approaches. Those adopting a multi-cloud approach are far more likely to have suffered a data breach over the past 12 months: 52 percent versus 24 percent of hybrid-cloud users and 24 percent of single-cloud users.
The use of cloud as a security enabler is widespread, however. 92 percent report adopting cloud-based security solutions. "It makes absolute sense that organizations trusting an increasing amount of their data to the cloud are also utilizing its benefits to improve their security," concludes Reed. "Security, more than any other enterprise IT function, requires speed -- of deployment and implementation. The ability of the cloud to rapidly deliver new security services that integrate easily into organizations' existing systems is a key value driver and explains why cloud security tools have been adopted so broadly."
You can read more on the Nominet blog.