Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Data Security Concerns Still Challenge Cloud Adoption: Survey

A new report from the Cloud Security Alliance (CSA) found that many executives and IT managers feel concerns about the security of data are a top challenge holding back cloud projects.

A new report from the Cloud Security Alliance (CSA) found that many executives and IT managers feel concerns about the security of data are a top challenge holding back cloud projects.

The CSA’s Cloud Adoption, Practices and Priorities Survey Report fielded responses from 212 participants from IT security (33 percent), IT (25 percent), compliance and audit (10 percent), and other (32 percent) professional roles over a five-week period between the third and fourth quarters of 2014. Participants were spread out globally across 17 different countries.

According to the survey, 73 percent said concerns about the security of data are a top challenge holding back cloud adoption. In addition, other top responses include concerns about regulatory compliance (38 percent) and loss of control over IT services (38 percent). Some 72 percent admitted they did not know how many shadow IT apps were within their organization but wanted to.

“As companies move data to the cloud, they are looking to put in place policies and processes so that employees can take advantage of cloud services that drive business growth without compromising the security, compliance, and governance of corporate data,” said Jim Reavis, CEO of the CSA, in a statement. “We hope that this report provides companies with some good peer insight so that they can make better decisions to help confidently and responsibly accelerate the use of cloud services in their environment.”

Despite concerns about security, companies are still largely going forward with the adoption of cloud services. Seventy-four percent said they are proceeding either “full steam ahead” or “moving with caution” in regards to their adoption of cloud services. Large corporations are more likely than others to have policies and procedures in place for managing the cloud. The survey found that companies with more than 5,000 employees are more likely to have a cloud governance committee (35 percent versus 12 percent), have a policy on acceptable cloud usage (61 percent versus 45 percent), and have a security awareness training program (26 percent versus 20 percent) compared to companies with less than 5,000.

Large enterprises however were found to be slower to invest heavily in cloud services, with only 36 percent of them spending more than 20 percent of their IT budget on cloud services. This compared to 49 percent for companies with fewer than 5,000 staffers. Sixty-one percent of respondents overall said the security of data residing in the cloud is a executive or board-level concern. 

“The past few years have marked a paradigm shift in IT’s role, from provider to enabler,” said Rajiv Gupta, CEO of Skyhigh Networks, in a statement. “This survey, the largest of its kind, illustrates that companies are aware of the consumerization of IT but have room to more proactively address the security concerns of cloud adoption.”

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.