INTELLIGENT BRANDS // Cloud
In 2015, 33% of
respondents said they
lacked the tools and
low-level access to
usage data that would
allow them to identify
a data breach or do
forensic analysis that
would make incident
response effective. This
figure that has risen to
56% this year
InfoSec professionals seem to have
accepted the on-going migration to the
cloud as inevitable, however, and are
doing what they can to secure sensitive
data and applications in the public cloud.
Overa ll, 48% of respondents’
organisations store employee data in
the cloud, and 24% store customer
financial data there. In addition, 27%
use cloud-based email and messaging
and 17% use collaboration or document
management services in the public cloud.
Baltagi continues, “Cloud providers do
offer more security tools for their own
platforms, and some have expanded
support of industry standard security
frameworks and reporting methods to
increase visibility and integration with
customers’ existing security tools.”
grow 18.3% to reach $879.3 million in
2016. However, even as the uptake of
cloud continues to increase, security,
which has always been a major hurdle
to cloud adoption, remains a challenge.
According to the SANS survey, 62% of
respondents said they are concerned
that unauthorised outsiders could access
data stored on public cloud services,
representing a 20% increase over the
previous year.
“IT professionals in the Middle East
clearly understand the host of benefits
that cloud offers, but their concerns
arise due to the lack of visibility and
control over data in the cloud,” said Ned
Baltagi, Managing Director, Middle East
& Africa at SANS. “Business dynamics
www.intelligentcio.com
have necessitated IT scalability and
flexibility and cloud computing presents
a convincing and cost-effective solution.
But IT teams need to work with line
of business managers to find new
technologies and policy approaches to
reduce the risk.”
The survey also found that
organisations believe their ability to
identify and remediate cloud data
breaches has reduced. In 2015, 33%
of respondents said they lacked the
tools and low-level access to usage
data that would allow them to identify
a data breach or do forensic analysis
that would make incident response
effective. This figure that has risen to
56% this year.
For InfoSec professionals, however, the
greatest challenges are still the limited
ability to access data controls built into
cloud platforms, integration with existing
tools and the slow progress toward APIs
or services to bridge the gap between
internal and external security.
“By this time next year, we hope to see a
lot more support for third-party solutions,
better access for forensic analysis, and
more openness about the security
controls and processes cloud providers
use,” Baltagi says. “Cloud providers
are improving, but they’re not moving
fast enough to address the needs of
enterprises that continue to migrate
sensitive data into the public cloud.”
INTELLIGENTCIO
57