The new 2018 Cloud Security Report [ download here ] reveals that security concerns are on the rise, exacerbated by a lack of qualified security staff and outdated security tools – while data breaches are at an all-time high.
“While workloads continue to move into the cloud, the study reveals that cloud security concerns are on the rise again, reversing a multi-year trend,” said Holger Schulze, CEO of Cybersecurity Insiders and founder of the 400,000-member Information Security Community on LinkedIn which commissioned the study. “With half of organizations predicting a rise in cloud security budgets, protecting today’s cloud environments require more and better trained security professionals and innovative, cloud-native security solutions to address the concerns of unauthorized access, data and privacy loss, and compliance in the cloud.”
Key takeaways from the report include:
- Cloud security concerns – While adoption of cloud computing continues to surge, security concerns are showing no signs of abating. Reversing a multi-year downward trend, nine out of ten cybersecurity professionals confirm they are concerned about cloud security, up 11 percentage points from last year’s cloud security survey. The top three cloud security challenges include protecting against data loss and leakage (67%), threats to data privacy (61%), and breaches of confidentiality (53%).
- Biggest threats to cloud security – Misconfiguration of cloud platforms jumped to the number one spot in this year’s survey as the single biggest threat to cloud security (62%). This is followed by unauthorized access through misuse of employee credentials and improper access controls (55%), and insecure interfaces / APIs (50%).
- Cloud Security Headaches – As more workloads move to the cloud, cybersecurity professionals are increasingly realizing the complications to protect these workloads. The top three security control challenges security operations centers (SOCs) are struggling with are visibility into infrastructure security (43%), compliance (38%),and setting consistent security policies across cloud and on-premises environments (35%).
- Legacy security tools limited in the cloud – Only 16 percent of organizations report that the capabilities of traditional security tools are sufficient to manage security across the cloud, a 6-percentage point drop from our previous survey. Eighty-four percent say traditional security solutions either don’t work at all in cloud environments or have only limited functionality. Cybersecurity professionals are struggling with visibility into cloud infrastructure security (43%), compliance (38%), and setting consistent security policies across cloud and on-premises environments (35%).
- Paths to stronger cloud security – For the second year in a row, training and certification of current IT staff (56%) ranks as the most popular path to meet evolving security needs. Fifty percent of respondents use their cloud provider’s security tools, and 35 percent deploy third-party security software to ensure the proper cloud security controls are implemented.
- Effective cloud security solutions – Encryption of data at rest (64%) and data in motion (54%) tops the list of the most effective cloud security technologies, followed by Security Information and Event Management (SIEM) platforms (52%).
- Cloud security budgets increase – Looking ahead, close to half of organizations (49%) expect cloud security budgets to go up, with a median budget increase in 22 percent.
Based on a comprehensive online survey of cybersecurity professionals in the 400,000-member Information Security Community on LinkedIn, the 2018 Cloud Security Report has been produced in partnership with leading cloud security vendors Alert Logic | AlienVault | Bitglass | Cavirin | CloudPassage | Dome9 Security | Edgile | Evident.io | GoAnywhere | HelpSystems | (ISC)2 | Securonix | Sift Security.