Cloud Security By The Numbers
Quantifying the perceptions around cloud security practices.
November 21, 2014
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt62252c3672f3feeb/64f0dc8176acefdbb633e033/singlecloud.jpg?width=700&auto=webp&quality=80&disable=upscale)
As IT executives and business leaders finally get their arms around analyses of the business opportunities versus the security risks of cloud adoption, the industry is increasingly quantifying the friction between the two. We've put together some numbers to show perception over some of the hot-button issues, as well as current progress toward smoothing the way for secure cloud transformations.
According to a recent Informationweek Reports survey, security and data resiliency issues make up four of the top 10 concerns held by IT over cloud adoption. And sitting atop that list is the concern of security defects in the cloud technology itself.
Source: InformationWeek
IT pros seem to be split nearly right down the middle as to whether using cloud services increases the risk of a data breach. Approximately 51% say sending data to the cloud increases or significantly increases that risk.
Source: Netskope
Meanwhile, even more line of business leaders are confident in the security of the cloud. In fact, more than a third even believe it actually improves security, according to a survey of nearly 600 Harvard Business Review readers.
Source: Verizon
However, the use of the cloud does raise the stakes for breach impact. According to a recent Ponemon Institute report, the use of SaaS increases the financial impact of a breach by a factor of 1.5 times a normal breach of data from on-premises infrastructure.
Source: Netskope
The added impact of potential risk from a cloud breach is further exacerbated by lackluster cloud encryption practices. The percentage of organizations that use encryption to secure sensitive data in the cloud hovers at only about 1/3 worldwide.
Source: Safenet
And the truth is that most security organizations still struggle to extend corporate data governance policies to the public cloud, and they have a hard time maintaining visibility into security policy across a hybrid cloud infrastructure.
Source: Algosec
That's probably why they can't seem to enforce cloud policies very well. According to a report by Skyhigh Networks, there's a perception gap in how well companies are blocking unauthorized use and uploading to cloud apps compared to their intended policy enforcement actions.
Source: Skyhigh Networks
A survey conducted by the Cloud Security Alliance on behalf of Netskope also found that IT departments may be underestimating the number of cloud apps used across the business. More than half of these departments believe the business is running 10 or fewer cloud service apps. Meanwhile, compared to data from Skyhigh Networks, the average number is closer to 800.
Source: Cloud Security Alliance
Many of the struggles IT faces in the cloud can be summed up here, according to a Ponemon Institute study: Just 9% of IT security organizations are always involved in decisions regarding cloud procurement. Worse, 47% are rarely or never involved.
Source: SafeNet
Many of the struggles IT faces in the cloud can be summed up here, according to a Ponemon Institute study: Just 9% of IT security organizations are always involved in decisions regarding cloud procurement. Worse, 47% are rarely or never involved.
Source: SafeNet
As IT executives and business leaders finally get their arms around analyses of the business opportunities versus the security risks of cloud adoption, the industry is increasingly quantifying the friction between the two. We've put together some numbers to show perception over some of the hot-button issues, as well as current progress toward smoothing the way for secure cloud transformations.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024