Cloud confidence
Confidence in the Cloud Keeps Growing
A new survey reveals some of the trends changing the role of IT as more businesses move to the cloud and what organizations are doing to reduce security risks.
Rising Confidence in the Cloud
64.9% of IT leaders think of the cloud as secure or more secure than on-premises software.
Cloud On-Boarding
71.2% of companies have a formal process for users to request new cloud services. Yet 65.5% of them said they only partially follow it.
Data Loss Worries
26.3% of companies are very concerned about data loss as systems of record move to the cloud. Another 32.2% of companies are somewhat concerned about data loss.
Who’s in Charge?
65.7% of organizations concerned about a data loss have a CISO while 50% of companies that aren’t concerned about data loss have a CISO.
Moving to the Cloud
CRM is the most widely used cloud-based system (36.3%), followed by IT service management (31%) and human resources management (24.4%).
Time to Evaluate
On average, it takes an IT security team 17.7 days to evaluate the security of a cloud provider. But 55.5% of companies make a decision without a security evaluation because they already have a comparable solution in place—the biggest reason to reject a request (55.1%).
Other Reasons for Rejection
The next most common reason for rejecting a cloud service request is that the provider is not trusted (53.6%), followed by a lack of encryption (45.8%) and a lack of data loss prevention (43.9%).
More Support
71.3% said their companies have plans to offer more cloud support to the lines of business.
Biggest Benefits
The biggest benefits of moving to cloud-based options vs. legacy solutions include lower up-front or ongoing costs (71.8%), faster implementation (69.2%) and a better user experience (49.4%).
Adoption Barriers
The biggest obstacles to cloud adoption are the ability to enforce corporate security policies (67.8%), regulatory requirement compliance (61.2%) and budget constraints (31.6%).
Data Loss Prevention
The biggest barrier to having programs to stop data loss in the cloud is the lack of skilled security professionals (30.7%), lack of an internal strategy for operationalizing threat intelligence data (26.5%) and no budget to acquire new technologies that detect cloud breaches (22.9%).
Incident Planning
82.2% of companies have some form of incident-response plan; 53.8% of those with a CISO have a complete incident-response plan, and 29.2% with a CISO have cyber-insurance.
Paying Ransom
24.6% of companies would be willing to pay ransom to hackers to prevent a cyber-attack and 14% would pay more than $1 million.
Centralizing Control
63.9% of respondents have heard of cloud access security brokers (CASB), but only 41.8% of them know what it means.
Capabilities Needed
The biggest cloud security capabilities needed include access control (87.3%), followed by encryption (83.4%), data loss prevention 73.9%, compromised account detection (57.2%) and insider threat detection (56.1%).