Cloud Security Doubted By Most IT Executives
Two-thirds of IT pros don't believe they can secure cloud
My Mistake: 10 CIOs Share Do-Over Worthy Moments
Slideshow: My Mistake: 10 CIOs Share Do-Over Worthy Moments (click image for larger view and for slideshow)
Enterprises are using cloud infrastructures, but they aren't very confident in their ability to secure them, according to a study published Wednesday.
Fewer than half of enterprises believe their organizations have adequate technologies to secure their cloud infrastructures, according to a survey of 1,000 IT security practitioners and enterprise compliance officers conducted by the Ponemon Institute and sponsored by encryption vendor Vormetric.
According to the report, "Data Security in the Cloud Survey of U.S. IT Operations, IT Security, and Compliance Practitioners," only one-third of IT security practitioners believe cloud infrastructure as a service (IaaS) environments are as secure as on-premises datacenters, while half of compliance officers think IaaS is as secure.
Twenty-one percent of compliance officers said they are responsible for defining security requirements, but 22% of IT respondents think this responsibility belongs to business unit leaders.
Fewer than a third of respondents said they encrypt data in the cloud. IT practitioners said encryption should be used to make data unreadable by cloud service providers, but compliance officers said encryption should be used to enforce separation of duties to prevent IT administrators from accessing data they do not need to perform their jobs.
"While we were surprised by the different attitudes towards cloud security among IT practitioners and compliance officers, the findings did reveal that security in the cloud is a concern for both groups, especially in IaaS environments," said Larry Ponemon, chairman and founder of the Ponemon Institute.
Read the rest of this article on Dark Reading.
About the Author
You May Also Like
Harnessing the Power of Automation to Boost Enterprise Cybersecurity
Oct 3, 2024DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024