Crowd Research Partners today released the 2018 Cloud Security Report
revealing that security concerns are on the rise, exacerbated by a lack
of qualified security staff and outdated security tools - while data
breaches are at an all-time high.
Download the complete 2018 Cloud Security Report here.
"While workloads continue to move into the cloud, the study reveals that
cloud security concerns are on the rise again, reversing a multi-year
trend," said Holger Schulze, CEO of Cybersecurity Insiders and founder
of the 400,000-member Information Security Community on LinkedIn which
commissioned the study. "With half of organizations predicting a rise in
cloud security budgets, protecting today's cloud environments require
more and better trained security professionals and innovative,
cloud-native security solutions to address the concerns of unauthorized
access, data and privacy loss, and compliance in the cloud."
Key takeaways from the report include:
-
Cloud security concerns - While adoption of cloud computing
continues to surge, security concerns are showing no signs of abating.
Reversing a multi-year downward trend, nine out of ten cybersecurity
professionals confirm they are concerned about cloud security, up 11
percentage points from last year's cloud security survey. The top
three cloud security challenges include protecting against data loss
and leakage (67%), threats to data privacy (61%), and breaches of
confidentiality (53%).
-
Biggest threats to cloud security - Misconfiguration of cloud
platforms jumped to the number one spot in this year's survey as the
single biggest threat to cloud security (62%). This is followed by
unauthorized access through misuse of employee credentials and
improper access controls (55%), and insecure interfaces / APIs (50%).
-
Cloud Security Headaches - As more workloads move to the cloud,
cybersecurity professionals are increasingly realizing the
complications to protect these workloads. The top three security
control challenges security operations centers (SOCs) are struggling
with are visibility into infrastructure security (43%), compliance
(38%),and setting consistent security policies across cloud and
on-premises environments (35%).
-
Legacy security tools limited in the cloud - Only 16 percent of
organizations report that the capabilities of traditional security
tools are sufficient to manage security across the cloud, a
6-percentage point drop from our previous survey. Eighty-four percent
say traditional security solutions either don't work at all in cloud
environments or have only limited functionality. Cybersecurity
professionals are struggling with visibility into cloud infrastructure
security (43%), compliance (38%), and setting consistent security
policies across cloud and on-premises environments (35%).
-
Paths to stronger cloud security - For the second year in a
row, training and certification of current IT staff (56%) ranks as the
most popular path to meet evolving security needs. Fifty percent of
respondents use their cloud provider's security tools, and 35 percent
deploy third-party security software to ensure the proper cloud
security controls are implemented.
-
Effective cloud security solutions - Encryption of data at rest
(64%) and data in motion (54%) tops the list of the most effective
cloud security technologies, followed by Security Information and
Event Management (SIEM) platforms (52%).
-
Cloud security budgets increase - Looking ahead, close to half
of organizations (49%) expect cloud security budgets to go up, with a
median budget increase in 22 percent.
Based on a comprehensive online survey of cybersecurity professionals in
the 400,000-member Information Security Community on LinkedIn, the 2018
Cloud Security Report has been produced in partnership with leading
cloud security vendors Alert Logic | AlienVault | Bitglass | Cavirin |
CloudPassage | Dome9 Security | Edgile | Evident.io | GoAnywhere |
HelpSystems | (ISC)2 | Securonix | Sift Security.