Enterprise IT Departments Find It Hard To Keep the Cloud Safe
By Jef Cozza / CIO Today. Updated February 13, 2017.
A lack of appropriate IT security skills is hindering the expansion of cloud deployments, according to a new report released today by Intel Security at the annual RSA Security Conference in San Francisco. Forty-nine percent of the more than 2,000 organizations surveyed said that a lack of cybersecurity skills has slowed the adoption or usage of cloud services.
An additional 36 percent of enterprises said they are experiencing a scarcity of cybersecurity skills but are continuing with their cloud deployments regardless. Only 15 percent of those surveyed stated they do not have a skills shortage, Intel reported.
Lack of IT Skills
The findings were published in Intel Security's second annual cloud security report, "Building Trust in a Cloudy Sky." The report outlines the current state of cloud adoption, the primary concerns with private and public cloud services, security implications, and the evolving impact of shadow IT, according to Intel.
"The 'cloud first' strategy is now well and truly ensconced into the architecture of many organizations across the world," said Raj Samani, EMEA chief technology officer, Intel Security, in a statement. "The desire to move quickly toward cloud computing appears to be on the agenda for most organizations. This year, the average time before respondents thought their IT budgets would be 80 percent cloud-based was 15 months, indicating that cloud first for many companies is progressing and remains the objective."
Nevertheless, a dearth of security skills remains a major issue preventing enterprises from adopting cloud technology more rapidly. As a result, employees may be engaging in shadow IT activities as a result of their employers' inabilities to provide the tools they feel they need for their jobs.
But Trust Is Growing
According to the report, almost 40 percent of cloud services are now commissioned without the involvement of IT as a result of the ease of procurement. In addition, visibility of these shadow IT services has dropped from about 50 percent last year to just under 47 percent this year, leading 65 percent of IT professionals to report that the phenomenon is interfering with their abilities to keep the cloud safe and secure.
This is not surprising given the amount of sensitive data now being stored in the public cloud; more than half (52 percent) of respondents said they have definitively tracked malware from cloud SaaS (software-as-a-service) applications, according to Intel.
Despite the growing pains, trust in cloud services is actually increasing, the report noted. Most organizations now view cloud services as being equally or more secure than private clouds, and more likely to deliver lower costs of ownership and overall data visibility.
Improved trust and perception, as well as increased understanding of the risks by senior management, is encouraging more organizations to store sensitive data in the public cloud. Personal customer information is the most likely type of data to be stored in public clouds, kept there by 62 percent of those surveyed.