IT Pros: ‘C-Suite Doesn’t Understand Cloud Risk’
Only 15% of UK IT professionals believe their senior management fully understands the risks of storing data in the cloud, according to a new global study from Intel Security.
The security giant polled over 1000 IT decision makers in the UK, US, Australia, Brazil, Canada, France, Germany and Spain to compile its latest report: Blue Skies Ahead? The State of Cloud Adoption.
It found that although the majority of respondents (77%) felt their organization trusted cloud more than a year ago, there remain challenges.
Just a third (34%) said they thought the C-level understands security risks in the cloud – a figure much lower in the UK.
Still, the vast majority said they were investing in infrastructure-as-a-service (81%), closely followed by security-as-a-service (79%), platform-as-a-service (69%), and software-as-a-service (60%).
The top security technologies used by respondents were email protection (43%), web security (41%), anti-malware (38%), firewall (37%), encryption and key management (34%), and data loss prevention (31%).
Compliance (72%) was the number one concern when it came to cloud deployments, with a further 13% claiming their main challenge was knowing whether or not sensitive data was being stored in the cloud.
Intel Security EMEA CTO, Raj Samani, argued that board-level education is vital if senior managers are to understand cloud security properly.
“By articulating the huge business benefits which can be gained from the cloud, such as considerable cost savings, increased flexibility and enhanced disaster recovery, IT can demonstrate exactly why so many businesses are adopting cloud technology,” he told Infosecurity.
“Within this discussion, IT must emphasize the key to secure cloud adoption: ensuring sufficient security controls are integrated from the start so that the cloud remains trustworthy. In this way, the C-suite will understand why moving to the cloud is so vital for the business while also gaining some clear insight into the potential cyber risks and how IT can mitigate these to keep corporate data secure.”
Source: Information Security Magazine