While adoption of cloud computing continues to surge, security concerns are showing no signs of abating. After several years of a downward trend, 90% of cybersecurity professionals confirm they are concerned about cloud security, up 11 percentage points from last year’s cloud security survey. The top cloud security challenges are protecting against data loss and leakage (67%), threats to data privacy (61%) and breaches of confidentiality (53%).
The 2018 Cloud Security Report from Crowd Research Partners, based on an online survey of cybersecurity professionals in the 400,000-member Information Security Community on LinkedIn, shows that a lack of qualified security staff and outdated security tools are significant obstacles to enabling a secure cloud posture at many enterprises. Only 16% of organizations report that the capabilities of traditional security tools are sufficient to manage security across the cloud, which is a 6% drop from 2017. A full 84% say traditional security solutions either don’t work at all in cloud environments or have only limited functionality.
Cybersecurity professionals are also struggling with visibility into cloud infrastructure security (43%), compliance (38%) and consistent security policies across cloud and on-premises environments (35%).
“While workloads continue to move into the cloud, the study reveals that cloud security concerns are on the rise again, reversing a multi-year trend,” said Holger Schulze, CEO of Cybersecurity Insiders and founder of the Information Security Community. “With half of organizations predicting a rise in cloud security budgets, protecting today’s cloud environments require more and better trained security professionals and innovative, cloud-native security solutions to address the concerns of unauthorized access, data and privacy loss, and compliance in the cloud.”
When it comes to the biggest perceived threats to cloud security, misconfiguration of cloud platforms jumped to the No. 1 spot in this year’s survey as the single biggest threat. This is followed by unauthorized access through misuse of employee credentials and improper access controls (55%), and insecure interfaces or APIs (50%).
On the defense side, for the second year in a row, training and certification of current IT staff (56%) ranks as the most popular path to meet evolving security needs. Fifty percent of respondents use their cloud provider’s security tools, and 35% deploy third-party security software to ensure the proper cloud security controls are implemented.
Meanwhile, encryption of data at rest (64%) and data in motion (54%) top the list of the most effective cloud security technologies, followed by security information and event management (SIEM) platforms (52%).
And finally, 49% of organizations expect cloud security budgets to increase, with a median increase of 22%.