WASHINGTON--(BUSINESS WIRE)--Following industry predictions that the global cloud market will exceed $250 billion by 2020, Crowd Research Partners today released the results of its 2016 Cloud Security Spotlight Report, in conjunction with leading cloud security vendors Alien Vault, Bitglass, Cato Networks, CloudPassage, Dell Software, Dome9 Security, IMMUNIO, (ISC)2 and Randtronics. Based on a comprehensive survey of more than 2,200 global cybersecurity professionals who are among the 300,000+ members of the Information Security Community on LinkedIn, the study indicates cloud security concerns are evolving with the increasing adoption of cloud computing.
“As organizations look to cloud computing to reduce IT costs, increase agility and better support business functions, security of data and applications in the cloud remains a critical requirement,” said Holger Schulze, founder of the 300,000-member Information Security Community on LinkedIn. “The 2016 Cloud Security Report indicates that as organizations increase investments in cloud infrastructure, they are seeking a similar level of security controls and functionality to what’s available in traditional IT infrastructures. However, they are finding traditional security tools ineffective in the cloud. In a shared responsibility model, this is an opportunity for organizations to implement effective cloud security solutions to strengthen their security posture and capitalize on the promise of cloud computing.”
Key cloud security trends highlighted in the study include:
- Security concerns top the list of barriers to cloud adoption led by general security concerns (53 percent, up from 45 percent in last year’s survey), legal and regulatory compliance concerns (42 percent, up from 29 percent), and data loss and leakage risks (40 percent). The rise in specific concerns about compliance and integration suggests that companies are moving from theoretical exploration of cloud models to actual implementation.
- Unauthorized access through misuse of employee credentials and improper access controls is the single biggest threat (53 percent) to cloud security. This is followed by hijacking of accounts (44 percent) and insecure interfaces/APIs (39 percent). One in three organizations say external sharing of sensitive information is the biggest security threat.
- The vast majority (84 percent) of respondents are dissatisfied with traditional security tools when applied to cloud infrastructure. Respondents say traditional network security tools are somewhat ineffective (48 percent), completely ineffective (11 percent), or can’t be measured for effectiveness (25 percent) in cloud environments.
- The top three security headaches for organizations moving to the cloud include the following use cases: verifying security policies (51 percent), visibility (49 percent), and compliance (37 percent). These results suggest that companies are further along in implementation of cloud models compared with last year and are looking for security solutions that enhance the capabilities provided by service providers.
- Organizations moving to the cloud have a variety of choices available to strengthen cloud security. 61% of organizations plan to train and certify existing IT staff, 45% partner with a managed security services provider, and 42% deploy additional security software to protect data and applications in the cloud.
Download the complete 2016 Cloud Security Report here.
Report Sponsor Quotes:
Ryan Leatherbury, Senior Product Manager Cloud, AlienVault
“With
the rapid adoption of cloud computing, and the unique security concerns
that come with it, companies need to implement systems to safeguard
their data. AlienVault integrates essential tools that simplify cloud
security management and help companies achieve complete visibility into
their cloud infrastructure. We are pleased to support this report.”
Nat Kausik, CEO, Bitglass
“While cloud security has
made great strides, neither native nor traditional tools fully address
IT concerns. With purpose-built cloud security tools like Cloud Access
Security Brokers, organizations can achieve compliance and limit risk of
data leakage.”
Shlomo Kramer, CEO, Cato Networks
”The cloud is now an
integral part of the enterprise network and security must seamlessly
extend from on-premise to cloud-based infrastructure. The cloud also
enables new ways to deliver elastic, adaptive and cost efficient
security capabilities to the business.”
Ram Krishnan, Chief Product Officer, CloudPassage
“As IT
rapidly transforms to a more agile ecosystem of shared, elastic
infrastructure and continuous delivery, this breaks traditional security
tools. Cloud computing requires security platforms that are
purpose-built for the cloud, yet work within and across any
infrastructure to provide visibility, automated compliance, rapid
deployments and microsegmentation that protects workloads wherever they
reside.”
Alvaro Vitta, Principal Solutions Consultant, Dell Systems and
Information Management
“More than 56% of surveyed organizations
use Active Directory on-premises to authenticate and authorize access to
cloud applications, like Office 365. The failure to provide adequate
on-premises Active Directory security controls leave cloud-based
applications vulnerable to unauthorized access. Don’t let on-premises
Active Directory be your hybrid directory environment’s Achilles’ heel.”
Zohar Alon, CEO & Co-Founder, Dome9
“Security is the top
barrier for cloud adoption, and traditional security tools simply don’t
address the new challenges that cloud infrastructure security presents.
This survey clearly shows that visibility, remediation, and control over
cloud infrastructure security posture are critical for any CISO
protecting workloads in the cloud.”
Goran Begic, VP of Product, IMMUNIO
“Rapid growth of cloud
computing, together with other key industry trends like mobile and IoT
are accelerating the need for methods and tooling that do not rely on
the concept of impenetrable perimeter defenses. It is essential to
continuously engage with the expert community to gain a deeper
understanding of the ever changing world of cybersecurity and modern
solutions.”
David Shearer, CEO, (ISC)2
“The findings
from the report that 61 percent of organizations plan to train and
certify existing IT staff exemplifies the critical role that qualified
and properly trained professionals play in securing the enterprise. As
cloud security concerns continue to rise, we’re pleased to support this
initiative.”
Bob Adhar, President, Randtronics
“Once the ‘silver bullet’
of security, encryption has been ‘out marketed’ by other technologies
that mostly focus on securing the perimeter and not securing the target
of intruders. A business that only encrypts their data is more secure
than businesses with everything else.”
About Crowd Research Partners
Crowd Research Partners creates peer-sourced thought leadership content that delivers market insight and unique benchmarks for today’s professionals to inform and guide their corporate planning, work practices, and buying decisions. Leverage the wisdom of the crowd with fact-based, peer-sourced and social-optimized content that resonates with today's busy professionals. Visit us at http://www.crowdresearchpartners.com
