Hybrid cloud is driving digital transformation
The hybrid cloud model is increasingly used in digital transformation and data storage according to a new report from Trustwave.
Of over 950 IT professionals surveyed, 55 percent use both on-premise and public cloud to store data with 17 percent using public cloud only. Singapore organizations use the hybrid cloud model most frequently at 73 percent or 18 percent higher than the average and US organizations employ it the least at 45 percent.
Government respondents are most likely to store data on-premises only at 39 percent or 11 percent higher than average. Additionally, nearly half of respondents at 48 percent stored data using the hybrid cloud model during a recent digital transformation project with only 29 percent relying solely on their own databases.
At the same time, the type of data organizations are moving into the cloud has become increasingly sensitive. 96 percent of total respondents state they plan to move sensitive data to the cloud over the next two years with 52 percent planning to include highly sensitive data. Australia at 57 percent leads the regions surveyed. When asked to rate the importance of securing data in digital transformation initiatives respondents recorded an average score of 4.6 out of a possible five.
"Moving to the cloud isn't necessarily risky, but how you move to the cloud and understanding the overall responsibility of that cloud is where companies need to be very focused," says Travis Lee, director of product management at Trustwave. "Just moving your data to the cloud doesn't move the responsibility of the security aspect of it to your cloud service provider. They are making sure that the environment, the infrastructure is available and running for you, but that overall security, still is the responsibility of the company."
It's common to use multiple public cloud services, with 70 percent of organizations surveyed using between two and four services and 12 percent using five or more. At 14 percent, the US has the most instances of using five or more public cloud services followed by the UK at 13 percent, and Australia and Singapore at nine percent each. Only 18 percent of organizations queried used zero or just one public cloud service.
One of the interesting things the survey highlights is a discrepancy between perceived threats and actual attacks. 38 percent of organizations say they are most concerned with malware and ransomware followed by phishing and social engineering at 18 percent, application threats at 14 percent, insider threats at nine percent, privilege escalation at seven percent and misconfiguration at six percent. Yet when asked about actual threats experienced, phishing and social engineering came in first at 27 percent followed by malware and ransomware at 25 percent.
The answer to dealing with threats is to continually assess who has access to data and apply a zero trust approach, believes Lee, "If you've done your assessments appropriately those people are likely not to have access to these back end data sources so even if an attacker can get into the system they can't escalate their privileges to be able to have access to the data."
The full report is available from the Trustwave site.