Building a slide deck, pitch, or presentation? Here are the big takeaways:
- Concerns about cloud security rose by 11% among 400,000 information security specialists on LinkedIn.
- Experts are worried about the lack of qualified staff and the relatively weak, outdated security tools currently in use by many companies. — Crowd Research Partners, 2018
Cybersecurity experts expressed worry about the surge in cloud computing, highlighting a wide variety of potential issues that have either already cropped up or will crop up in the near future, according to a survey by Crowd Research Partners.
The group spoke to more than 1,900 cyber security professionals in the 400,000-member Information Security Community on LinkedIn and worked on the report with cloud security vendors AlienVault, Bitglass, CloudPassage, Cloudvisory, Dome9 Security, Eastwind Networks, Evident.io, (ISC)2, Quest, Skyhigh, and Tenable.
Security experts featured in the survey said they were concerned about a number of threats to cloud computing, including protecting against data loss and leakage, the misconfiguration of cloud platforms, and a severe lack of qualified staff and expertise.
SEE: Cloud computing policy (Tech Pro Research)
“While workloads continue to move into the cloud, the study reveals that security concerns are on the rise again, reversing a multi-year trend,” Holger Schulze, CEO of Cybersecurity Insiders and founder of the LinkedIn group, said in the report. “With half of organizations predicting a rise in cloud security budgets, protecting today’s cloud environments requires more and better trained security professionals and innovative, cloud-native security solutions to address the concerns of unauthorized access, data and privacy loss, and compliance in the cloud.”
According to the survey, only 16% of organizations believed their current security measures were enough to protect them, with 84% saying their security measures had, at best, limited capabilities in the cloud computing environment.
To address these issues, 56% of experts said they believed better training and certification of IT staff members is key to protecting cloud environments. In addition to training, security experts said companies should try to encrypt their data and look into hiring third-party security teams to make sure their cloud provider’s defenses were up to snuff.
Half of the organizations mentioned in the survey expected growths in cloud security budgets, with a median increase of 22%.
Some companies are taking matters into their own hands. Last week, Google announced a new Cloud Security Command Center and a number of new initiatives aimed at securing cloud networks.
“In industries from financial services to healthcare to retail, companies are relying on the automation and scale offered by the cloud to protect their data and that of their customers—allowing their employees to focus on building their business,” wrote Urs Hölzle, senior vice president of technical infrastructure at Google, in a blog post earlier this month.
Hölzle later continued: “But the cloud makes it much easier to stay on top of [security issues]. The scale of the cloud security teams that find and mitigate emerging threats, the ability to update many systems at scale, and the automation to scan, update and protect users all contribute to cloud’s unique position to keep information and people secure.”
Despite the promise of improved security in the cloud, some 62% of enterprise IT leaders surveyed recently said that their on-premises security was better than that offered in the cloud. However, for the companies that wish to make a secure transition to the public cloud, follow these 10 steps to protect critical workloads.