As the lockdown was imposed on many countries in late March 2020, most companies were forced to resort to a distributed work environment. This also boosted cloud adoption, and the demand for the SaaS model soared. This (and other cloud adoption trends) are strongly reflected in CISO MAG’s Cloud Security survey. The complete research report on Cloud Security trends is published in the June issue of CISO MAG here: https://staging-cisomag.com/magazine/
“Decision-makers in businesses of all sizes, and across geographies confirmed that cloud security is top of mind for executives as cloud adoption accelerates. These concerns are warranted, migrating to the cloud involves several risks identified in this detailed and informative survey. However, these security risks and concerns may be a result of a lack of clarity or understanding of the shared responsibility model related to security. As well as, a misconception about the potential security services available to organizations as they migrate to the cloud,” said AJ Yawn, a cloud security expert who is also on the Board of ISC2.
- A multi-cloud strategy is here to stay. This is reflected in our data with 19.39% having 6 or more cloud vendors.
- Half the respondents (49.7%) opt for hybrid cloud environments and are not ready to commit fully to public or private clouds. This is due to rigid compliance and regulatory norms.
- In the wake of COVID-19 and a distributed work environment, more organizations (39%) are opting for SaaS based delivery models, moving away from on-premise solutions.
- Half the respondents (52.12%) said they are not confident about the public cloud because of issues like confidentiality and privacy of data.
- There is a lack of understanding about who is responsible for security in the cloud – the customer or the cloud service provider. 76.36% said it is the responsibility of the cloud service provider.
- 39% said they were concerned about data ownership when choosing a cloud service provider.
- A skills gap in the security team is a major security challenge for 45.45% of respondents.
- 88% said it is crucial to perform a proper and comprehensive risk assessment as part of the Cloud Computing project.
- Two-thirds (66.67%) said security, privacy, and compliance should be integrated into the Cloud Computing team from the initiation of the project.
“This survey highlights the need for companies to continue to study and refine their cloud infrastructure needs and their risk appetite surrounding these services. Our results show that security is often a critical decision point, and in many cases, may be the deciding factor to move or not move a service to the cloud,” said Dick Wilkinson, Chief Technology Officer, New Mexico Judicial Information Division.
CISO MAG conducts a Cloud Security survey annually, and the last such survey (and research report) was published in July 2019.
The next CISO MAG Market Trends Report is on Data Security, and it will be published in the September issue of CISO MAG. For participation in this issue write to [email protected] or [email protected]