Artificial IntelligenceNews/PR

97% of organizations have gaps in their cloud risk management plans – PwC report

2 Mins read
cloud security risks

Cloud powered businesses are emerging as frontrunners, set to outperform their counterparts across various key metrics, including sustained growth. The adoption of advanced technologies like generative AI is unlocking novel possibilities, making cloud integration imperative for success. However, addressing the cloud security landscape is a crucial challenge for organizations undergoing the transition to the cloud, considering the rise in cyberattacks.

According to PwC’s EMEA Cloud Business Survey 2023, cloud-powered businesses adopt a distinct approach to cybersecurity, encompassing leading practices in cloud governance, risk management, and controls. 65% of cloud-powered organizations prioritize these practices, compared to just 25% of their counterparts.

48% of cloud-powered organizations actively focus on building cybersecurity skills. The Digital Trust Insights Survey 2024 by PwC reveals that 97% of organizations admit to gaps in their cloud risk management plans.

To bridge this cybersecurity gap and address the global shortage of cybersecurity professionals, it is imperative to upskill existing employees in cloud solutions, focusing on comprehensive expertise in cyber defense, data privacy, and security analysis.

Rising to cyber resilience in the cloud journey

The report outlines three distinct cybersecurity states in an organization’s cloud transformation journey to cyber resilience:

  • Present State: Organizations initially adopt a reactive security approach, aligned with their on-premises assets, and exhibit poor visibility of cloud assets.
  • Transition State: Progressing in their cloud journey, organizations typically implement hybrid security across on-premises and cloud, utilizing a centralized cloud identity directory for users and assets.
  • Future State: Automated security becomes embedded in agile product management, employing a zero-trust strategy to facilitate digital transformation employing techniques such as strong authentication, network segmentation, and least privilege.

As organizations advance in their cloud transformation, they must take care to prevent cybersecurity gaps between on-premises IT estates and cloud-first operations. In the EMEA region, 40% of organizations are adopting integrated cyber tech solutions, with an additional 40% planning this move within the next two years.

Generative AI and cloud security

The advent of Generative AI (GenAI) has added momentum to organizations’ cloud journeys, driven by its demand for massive computing power and extensive data volumes. However, GenAI also introduces cloud security risks, enabling malicious threat actors to create sophisticated malware, phishing emails, and fake identities. Managing these risks necessitates a robust risk management framework that embraces opportunities.

Despite the potential risks, GenAI is poised to play a pivotal role in enhancing cybersecurity. 64% of companies plan to use GenAI for cyber defense in the next 12 months, with 47% already deploying AI for cyber risk detection and mitigation.

Cyber investment plans

Modernization and optimization take precedence in cyber investment priorities of organizations for 2024. Almost half (49%) of business leaders prioritize technology modernization, while 45% focus on optimizing existing technologies. Hybrid cloud users are also inclined to select cloud as a top-three priority for security investments in the coming year, underscoring the shift towards integrated cyber technology suites.

As organizations move forward, CISOs, CIOs, and the entire C-suite are collaborating on a ‘security-first’ cloud transformation strategy. Key priorities include building an architecture based on zero-trust principles, implementing frameworks for responsible AI, ensuring automated backup mechanisms for recovery from disruptive cyberattacks and continuous monitoring for evolving cybersecurity challenges.

Source: PwC

Read next: Gartner predicts less than 25% of government organizations will have generative AI-enabled citizen-facing services by 2027

Leave a Reply

Your email address will not be published. Required fields are marked *

86 + = 89