90% of the information security professionals consider more than 50% of the cloud-resident data as sensitive, according to Oracle and KPMG Cloud Threat Report, 2018.
The cloud adoption has become a business imperative for most of the organizations, because of its vast advantages like cost savings and enhanced security.
Oracle and KPMG LLP surveyed around 450 IT security pros worldwide, and found that enterprises were struggling to protect their data on cloud with the increased number of security breaches.
The report highlighted that a large number of organizations were confident about cloud adoption, which was evident from the finding that 90% of them stored at least 50% of data on cloud.
“As organizations expand their cloud footprint, traditional security measures are unable to keep up with the rapid growth of users, applications, data, and infrastructure,” said Akshay Bhargava, vice president, Cloud Business Group, Oracle. “Autonomous security is critical when adopting more cloud services to easily deploy and manage integrated policies that span hybrid and multi-cloud environments. By using machine learning, artificial intelligence and orchestration, organizations can more quickly detect and respond to security threats, and protect their assets.”
97% of the respondents said that they required most or all of cloud services to be approved by their security teams, however, 82% of them were concerned about the employees and teams violating the security policies.
The IT pros responded that the threats like malware, phishing and exploits were the top challenges for their organizations. The other top challenges for the organizations included consolidating, analyzing and responding to threats (40%), and lack of unified policies across disparate infrastructure (26%).
36% of the respondents said that use of mobile devices and applications makes it difficult to control and monitor identity and access management (IAM).
To overcome these challenges, 84% of them opted for the use of more automation solutions to defend against cyberattacks, while 40% of the organizations hired dedicated cloud security architects.
Only 14% of the organizations could effectively analyze and respond to majority of their security event data.
To further eliminate the IT security challenges, a majority (89%) of organizations expected to increase their investment in cyber security over the next fiscal year.
According to the report, 95% of the respondents who will comply General Data Protection Regulation (GDPR) said that its compliance will have a significant impact on cloud strategies and service provider choices.
“The pace of innovation and change in business strategies today necessitate flexible, cost-effective, cloud-based solutions,” said Tony Buffomante, U.S. Leader of KPMG LLP’s Cyber Security Services. “As many organizations migrate to cloud services, it is critical that their business and security objectives align, and that they establish rigorous controls of their own, versus solely relying on the cyber security measures provided by the cloud vendor.”