Two reports published independently of each other found that the majority of organizations are moderately to extremely concerned about the state of cloud security.
In Guardians of the Cloud, the 2019 cloud report published annually by Bitglass, researchers found that 93% of organizations are at least moderately concerned about their ability to use the cloud securely. The same number of respondents in the 2019 Cloud Security Report from Synopsys said that they were either moderately or extremely concerned about cloud security.
According to Guardians of the Cloud, 75% of organizations leverage multiple cloud solutions, while a mere 20% actually have visibility over cross-app anomalous behavior. Additionally, only 20% of participating organizations said that they use cloud data loss prevention (DLP), despite storing highly sensitive information in the cloud, including customer and employee data and intellectual property. Not surprisingly, malware is the most concerning data leakage vector.
The majority (67%) of companies said they believe cloud apps are either as secure as or more secure than on-premises apps. Two of the most popular cloud security capabilities among respondents are access control (52%) and anti-malware (46%).
“Data is now being stored in more cloud apps and accessed by more devices than ever before,” said Rich Campagna, chief marketing officer of Bitglass, in today’s press release. “This report found that...the adoption rates of basic cloud security tools and practices are still far too low. Many organizations need to rethink their approach to protecting data, as traditional tools for safeguarding data on premises are not capable of protecting data in the cloud.”
Synopsys’ latest cloud security report likewise found that organizations have a wide range of cloud security concerns. Most notable, organizations are worried about data loss and leakage (64%) and data privacy and confidentiality (62%).
For 43% of organizations, monitoring new vulnerabilities in cloud services is one of the most challenging aspects of cloud compliance.
“As workloads continue to move to the cloud, cybersecurity professionals are realizing the complications of protecting these workloads. The top two security headaches SOCs are struggling with are compliance (34%) and lack of visibility into infrastructure security (33%). Setting consistent security policies across cloud and on-premises environments (31%) and the continuing lack of qualified security staff (31%) are tied for third place,” the report said.