Intel Security today announced its second annual cloud security report, “Building Trust in a Cloudy Sky.” The report outlines the current state of cloud adoption, the primary concerns with private and public cloud services, security implications, and the evolving impact of Shadow IT of the more than 2,000 IT professionals from around the world surveyed.
Trust in the Cloud on the Rise
The trust and perception of public cloud services continues to improve year over year. Most organizations view cloud services as, or more, secure than private clouds, and more likely to deliver lower costs of ownership and overall data visibility. Those who trust public clouds now outnumber those who distrust public clouds by more than 2-to-1. Improved trust and perception, as well as increased understanding of the risks by senior management, is encouraging more organizations to store sensitive data in the public cloud. Personal customer information is the most likely type of data to be stored in public clouds, kept there by 64 per cent of Canadian organizations surveyed.
Risks Also Rise: Shadow IT and the Cybersecurity Skill Shortage
The ongoing shortage of security skills is continuing to affect cloud deployments. Half of the Canadian organizations surveyed report the lack of cybersecurity skills has slowed adoption or usage of cloud services, possibly contributing to the increase in Shadow IT activities. Another 35 per cent report they are experiencing a scarcity but are continuing with their cloud activities regardless. Only 15 per cent of those surveyed state they do not have a skills shortage.
Due to the ease of procurement, almost 40 per cent of cloud services are now commissioned without the involvement of IT, and unfortunately, visibility of these Shadow IT services has dropped from about 50 per cent last year to just under 47 per cent this year. As a result, 60 per cent of Canadian IT professionals think this phenomenon is interfering with their ability to keep the cloud safe and secure. This is not surprising given the amount of sensitive data now being stored in the public cloud and more than half (52 per cent) of Canadian respondents reported they have definitively tracked malware from a cloud SaaS application.
Data Centre Progression
The number of organizations globally using private cloud only has dropped from 51 per cent to 24 per cent over the past year, while hybrid cloud use has increased from 19 per cent to 57 per cent. This move to a hybrid private/public cloud architecture requires the data centre to evolve to a highly virtualized, cloud-based infrastructure. On average, 52 per cent of an organization’s data centre servers are virtualized, 80 per cent are using containers and most expect to have the conversion to a fully software-defined data centre completed within two years.
Recommendations:
- Attackers will look for the easiest targets, regardless of whether they are public, private or hybrid. Integrated or unified security solutions that provide visibility across all of the organization’s services could be the best defense.
- User credentials, especially for administrators, will be the most likely form of attack. Organizations need to ensure they are using authentication best practices, such as distinct passwords, multi-factor authentication and even biometrics where available.
- Security technologies such as data loss prevention, encryption and cloud access security brokers (CASBs) remain underutilized. Integrating these tools with an existing security system increases visibility, enables discovery of shadow services, and provides options for automatic protection of sensitive data at rest and in motion throughout any type of environment.
- Organizations need to evolve toward a risk management and mitigation approach to information security. They should consider adopting a Cloud First strategy to encourage adoption of cloud services to reduce costs and increase flexibility, and put security operations in a proactive position instead of a reactive one.
Survey Methodology
In fall 2016, Intel Security surveyed over 2,000 IT professionals across a broad set of industries, countries and organization sizes. Research participants were senior technical decision-makers from small, medium and large organizations located in Australia, Brazil, Canada, France, Germany, Japan, Mexico, Saudi Arabia, Singapore, the United Arab Emirates, the United Kingdom and the United States.
To download the full report, visit www.mcafee.com/ca/solutions/lp/cloud-security-report.html.
Like this:
Like Loading...
Related
This entry was posted on February 13, 2017 at 4:36 pm and is filed under Commentary with tags Intel. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Canadian IT Departments Find It Hard to Keep the Cloud Safe: Intel Security
Intel Security today announced its second annual cloud security report, “Building Trust in a Cloudy Sky.” The report outlines the current state of cloud adoption, the primary concerns with private and public cloud services, security implications, and the evolving impact of Shadow IT of the more than 2,000 IT professionals from around the world surveyed.
Trust in the Cloud on the Rise
The trust and perception of public cloud services continues to improve year over year. Most organizations view cloud services as, or more, secure than private clouds, and more likely to deliver lower costs of ownership and overall data visibility. Those who trust public clouds now outnumber those who distrust public clouds by more than 2-to-1. Improved trust and perception, as well as increased understanding of the risks by senior management, is encouraging more organizations to store sensitive data in the public cloud. Personal customer information is the most likely type of data to be stored in public clouds, kept there by 64 per cent of Canadian organizations surveyed.
Risks Also Rise: Shadow IT and the Cybersecurity Skill Shortage
The ongoing shortage of security skills is continuing to affect cloud deployments. Half of the Canadian organizations surveyed report the lack of cybersecurity skills has slowed adoption or usage of cloud services, possibly contributing to the increase in Shadow IT activities. Another 35 per cent report they are experiencing a scarcity but are continuing with their cloud activities regardless. Only 15 per cent of those surveyed state they do not have a skills shortage.
Due to the ease of procurement, almost 40 per cent of cloud services are now commissioned without the involvement of IT, and unfortunately, visibility of these Shadow IT services has dropped from about 50 per cent last year to just under 47 per cent this year. As a result, 60 per cent of Canadian IT professionals think this phenomenon is interfering with their ability to keep the cloud safe and secure. This is not surprising given the amount of sensitive data now being stored in the public cloud and more than half (52 per cent) of Canadian respondents reported they have definitively tracked malware from a cloud SaaS application.
Data Centre Progression
The number of organizations globally using private cloud only has dropped from 51 per cent to 24 per cent over the past year, while hybrid cloud use has increased from 19 per cent to 57 per cent. This move to a hybrid private/public cloud architecture requires the data centre to evolve to a highly virtualized, cloud-based infrastructure. On average, 52 per cent of an organization’s data centre servers are virtualized, 80 per cent are using containers and most expect to have the conversion to a fully software-defined data centre completed within two years.
Recommendations:
Survey Methodology
In fall 2016, Intel Security surveyed over 2,000 IT professionals across a broad set of industries, countries and organization sizes. Research participants were senior technical decision-makers from small, medium and large organizations located in Australia, Brazil, Canada, France, Germany, Japan, Mexico, Saudi Arabia, Singapore, the United Arab Emirates, the United Kingdom and the United States.
To download the full report, visit www.mcafee.com/ca/solutions/lp/cloud-security-report.html.
Share this:
Like this:
Related
This entry was posted on February 13, 2017 at 4:36 pm and is filed under Commentary with tags Intel. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.