Cybersecurity is always a top concern for executives. As the corporate perimeter becomes more virtual and decentralized, it becomes increasingly difficult to keep the company safe from attack or exposure. As a number of organizations move to hybrid cloud/multi-cloud, it is expected that security should be even greater. But a recent survey by CloudBolt Software shows that might not be the case.
Since there are risks of cyberattacks and data breaches, it’s not surprising that company leaders are strongly embracing cloud security. According to a survey, 79% of respondents said that their company’s board of directors and executive team are willing to do whatever is necessary to ensure that cloud-related computing is secure. 83% of companies say that their Chief Information Security Officer (CISO) is adept at cloud security.
Consistent cloud security policy is the biggest concern for organizations
Even with strong support from executives and the board, as well as competent CISOs, cloud security still appears to be weaker and less consistent.
79% of companies questioned said that they struggled with enforcing a consistent cloud security policy. 48% of companies said that operational complexity and the complications of multi-cloud support were key areas of concern. 42% of companies said that lack of centralized compliance/security/reporting/analytics was another concern.
Skills gap and lack of skillset maturity are weakening security
There are not enough people with the skills to address the biggest cloud challenges, including cloud security. 56% of respondents rate “depth of native cloud skillset/expertise” as their top concern. Additionally, another 29% say that “lack of talent with deep security expertise” is an issue.
When asked about the skillset maturity across all clouds, 68% of respondents chose “Somewhat Mature” and 20% said they were “Neutral” in terms of the level of maturity. Considering that there is a lot of unauthorized IT provisioning and a lack of process for cloud security best practices, it’s surprising that there have not been reports of more negative events.
Only 8% of people surveyed say that they have taken strong security measures when using cloud resources and creating new environments. 83% of respondents say they have done this “somewhat.”
As more and more companies join the CloudFirst initiative, it’s important to remember that true security of the cloud is being neglected in favor of “good enough” security. Even though companies believe their executives and boards have done what’s necessary to secure the clouds they’re using, it seems like they’re falling short. It remains to be seen if they’ll be able to improve as their hybrid cloud/multi-cloud practices become more refined. In the meantime, we recommend using efficient cloud security tools and implementing strong security policies to protect your data in the cloud.
Source: CloudBolt Software