WASHINGTON--(BUSINESS WIRE)--Following industry predictions that the global cloud market will exceed $250 billion by 2020, Crowd Research Partners today released the results of its 2016 Cloud Security Spotlight Report, in conjunction with leading cloud security vendors Alien Vault, Bitglass, Cato Networks, CloudPassage, Dell Software, Dome9 Security, IMMUNIO, (ISC)2 and Randtronics. Based on a comprehensive survey of more than 2,200 global cybersecurity professionals who are among the 300,000+ members of the Information Security Community on LinkedIn, the study indicates cloud security concerns are evolving with the increasing adoption of cloud computing.
“As organizations look to cloud computing to reduce IT costs, increase agility and better support business functions, security of data and applications in the cloud remains a critical requirement,” said Holger Schulze, founder of the 300,000-member Information Security Community on LinkedIn. “The 2016 Cloud Security Report indicates that as organizations increase investments in cloud infrastructure, they are seeking a similar level of security controls and functionality to what’s available in traditional IT infrastructures. However, they are finding traditional security tools ineffective in the cloud. In a shared responsibility model, this is an opportunity for organizations to implement effective cloud security solutions to strengthen their security posture and capitalize on the promise of cloud computing.”
Key cloud security trends highlighted in the study include:
- Security concerns top the list of barriers to cloud adoption led by general security concerns (53 percent, up from 45 percent in last year’s survey), legal and regulatory compliance concerns (42 percent, up from 29 percent), and data loss and leakage risks (40 percent). The rise in specific concerns about compliance and integration suggests that companies are moving from theoretical exploration of cloud models to actual implementation.
- Unauthorized access through misuse of employee credentials and improper access controls is the single biggest threat (53 percent) to cloud security. This is followed by hijacking of accounts (44 percent) and insecure interfaces/APIs (39 percent). One in three organizations say external sharing of sensitive information is the biggest security threat.
- The vast majority (84 percent) of respondents are dissatisfied with traditional security tools when applied to cloud infrastructure. Respondents say traditional network security tools are somewhat ineffective (48 percent), completely ineffective (11 percent), or can’t be measured for effectiveness (25 percent) in cloud environments.
- The top three security headaches for organizations moving to the cloud include the following use cases: verifying security policies (51 percent), visibility (49 percent), and compliance (37 percent). These results suggest that companies are further along in implementation of cloud models compared with last year and are looking for security solutions that enhance the capabilities provided by service providers.
- Organizations moving to the cloud have a variety of choices available to strengthen cloud security. 61% of organizations plan to train and certify existing IT staff, 45% partner with a managed security services provider, and 42% deploy additional security software to protect data and applications in the cloud.
Download the complete 2016 Cloud Security Report here.
Report Sponsor Quotes:
Ryan Leatherbury, Senior Product Manager Cloud, AlienVault
“With the rapid adoption of cloud computing, and the unique security concerns that come with it, companies need to implement systems to safeguard their data. AlienVault integrates essential tools that simplify cloud security management and help companies achieve complete visibility into their cloud infrastructure. We are pleased to support this report.”
Nat Kausik, CEO, Bitglass
“While cloud security has made great strides, neither native nor traditional tools fully address IT concerns. With purpose-built cloud security tools like Cloud Access Security Brokers, organizations can achieve compliance and limit risk of data leakage.”
Shlomo Kramer, CEO, Cato Networks
”The cloud is now an integral part of the enterprise network and security must seamlessly extend from on-premise to cloud-based infrastructure. The cloud also enables new ways to deliver elastic, adaptive and cost efficient security capabilities to the business.”
Ram Krishnan, Chief Product Officer, CloudPassage
“As IT rapidly transforms to a more agile ecosystem of shared, elastic infrastructure and continuous delivery, this breaks traditional security tools. Cloud computing requires security platforms that are purpose-built for the cloud, yet work within and across any infrastructure to provide visibility, automated compliance, rapid deployments and microsegmentation that protects workloads wherever they reside.”
Alvaro Vitta, Principal Solutions Consultant, Dell Systems and
“More than 56% of surveyed organizations use Active Directory on-premises to authenticate and authorize access to cloud applications, like Office 365. The failure to provide adequate on-premises Active Directory security controls leave cloud-based applications vulnerable to unauthorized access. Don’t let on-premises Active Directory be your hybrid directory environment’s Achilles’ heel.”
Zohar Alon, CEO & Co-Founder, Dome9
“Security is the top barrier for cloud adoption, and traditional security tools simply don’t address the new challenges that cloud infrastructure security presents. This survey clearly shows that visibility, remediation, and control over cloud infrastructure security posture are critical for any CISO protecting workloads in the cloud.”
Goran Begic, VP of Product, IMMUNIO
“Rapid growth of cloud computing, together with other key industry trends like mobile and IoT are accelerating the need for methods and tooling that do not rely on the concept of impenetrable perimeter defenses. It is essential to continuously engage with the expert community to gain a deeper understanding of the ever changing world of cybersecurity and modern solutions.”
David Shearer, CEO, (ISC)2
“The findings from the report that 61 percent of organizations plan to train and certify existing IT staff exemplifies the critical role that qualified and properly trained professionals play in securing the enterprise. As cloud security concerns continue to rise, we’re pleased to support this initiative.”
Bob Adhar, President, Randtronics
“Once the ‘silver bullet’ of security, encryption has been ‘out marketed’ by other technologies that mostly focus on securing the perimeter and not securing the target of intruders. A business that only encrypts their data is more secure than businesses with everything else.”
About Crowd Research Partners
Crowd Research Partners creates peer-sourced thought leadership content that delivers market insight and unique benchmarks for today’s professionals to inform and guide their corporate planning, work practices, and buying decisions. Leverage the wisdom of the crowd with fact-based, peer-sourced and social-optimized content that resonates with today's busy professionals. Visit us at http://www.crowdresearchpartners.com