NOVEMBER 2019 / Stockholm
IP EXPOCyber SecurityDeveloperAI and AnalyticsIoTBlockchain

Is the cloud secure?

We’ve all seen the stats:

“Through 2020, public cloud infrastructure as a service (IaaS) workloads will suffer at least 60% fewer security incidents than those in traditional data centers.” Say Gartner, “By 2018, the 60% of enterprises that implement appropriate cloud visibility and control tools will experience one-third fewer security failures.” They also predict.

With this confidence from some quarters it is no wonder that a recent Intel Security survey found:

  • Hybrid cloud adoption grew 3X in the last year, increasing from 19% to 57% of organizations surveyed.
  • In 15 months, 80% of all IT budgets will be committed to cloud solutions.

But it also found that:

  • 49% of businesses are delaying cloud deployment due to a cybersecurity skills gap.

There is no doubt that the large public cloud providers such as AWS, Microsoft and Google subject themselves to security measures and audits far in advance of most enterprises and on-premise data centres. So why then in the 2017 State of the Cloud research conducted by Xceligent did they find that more than half of respondents (51%) cited security as the biggest challenge in using private or hybrid cloud.

It seems to be that clouds are, by and large, secure – the question then becomes around how you are using the cloud, for example Gartner examined the following challenges in a recent report:

  • Naive beliefs that cloud providers are totally responsible for their clients’ security discourage organizations from ensuring their employees use cloud services appropriately.
  • Some organizations, especially outside the U.S., are paying an opportunity cost by allowing unwarranted fears about security to inhibit their use of public cloud services.
  • Disproportionate attention to the cloud service providers’ (CSPs’) security posture has negatively impacted security by distracting attention away from the establishment of organizational cloud control processes.
  • Organizations that haven’t taken a strategic and carefully governed approach to the use of cloud computing can easily use it in a manner that is less secure than traditional computing, resulting in unnecessary compliance incidents and data losses.

They recommend

  • Cut through your organizational cloud preconceptions, and encourage cloud decisions based on business requirements.
  • Develop an enterprise public cloud strategy, including security guidance on acceptable uses for infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS).
  • Implement and enforce policies on usage responsibility and cloud risk acceptance processes.
  • Follow a life cycle governance approach that emphasizes the ongoing operational control of your public cloud use. 

Do learn more fromour free to attend seminar program and the experts exhibiting with us, please register for IP EXPO Nordic