Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

US Tech Sector Feels Pain from PRISM

WASHINGTON – Revelations about vast US data collection programs are starting to hit American tech companies, which are ramping up pressure for increased transparency to try to mitigate the damage.

WASHINGTON – Revelations about vast US data collection programs are starting to hit American tech companies, which are ramping up pressure for increased transparency to try to mitigate the damage.

The Cloud Security Alliance said last month that 10 percent of its non-US members have cancelled a contract with a US-based cloud provider, and 56 percent said they were less likely to use an American company.

A separate report this month by the Information Technology & Innovation Foundation, or ITIF, a Washington think tank, said US cloud providers stand to lose $22 billion to $35 billion over the next three years due to revelations about the so-called PRISM program.

Daniel Castro, author of the report, says a loss of trust in US tech firms could lead to “protectionist” measures that hurt the fast-growing cloud sector.

“The risk is that a country like Germany will say you have to be a German company to provide data services in Germany,” Castro told AFP.

“I don’t think that helps anyone. We do benefit from free trade and the robust competitiveness in the tech industry.”

The report notes that the United States dominates the cloud computing market both domestically and abroad, and that US firms could lose between 10 and 20 percent of the foreign market in the next few years.

Tech companies, especially firms in cloud computing, have been in a frenzy since details leaked in June about surveillance efforts led by the secretive National Security Agency, including PRISM, believed to scoop up massive amounts of data as part of efforts to thwart terrorism.

Castro said in his report “the disclosures of the NSA’s electronic surveillance may fundamentally alter the market dynamics.”

The news “will likely have an immediate and lasting impact on the competitiveness of the US cloud computing industry if foreign customers decide the risks of storing data with a US company outweigh the benefits,” he wrote.

Much concern in being expressed in Europe. Estonian President Toomas Hendrik last month urged the EU to develop its own cloud industry, noting that 95 percent of the services come from US firms.

“Recent months have proven once again that it’s very important for Europe to have its own data clouds that operate strictly under European legislation,” he said.

Some analysts say losses could be even greater than the ITIF predicts, if the fallout affects consumer-based services like email and search. And Forrester Research analyst James Staten argued that, in addition to the loss of foreign customers, US customers may look overseas for cloud services, and the rest of the tech sector could also see an impact.

“Add it all up and you have a net loss for the service provider space of about $180 billion by 2016, which would be roughly a 25 percent decline in the overall IT services market,” Staten said.

The tech sector has been active on several fronts, filing court cases and making public pleas to the US administration for more transparency, in the hope that fuller disclosure will ease fears about how data is shared.

Six large high-tech lobby groups sent a letter to President Barack Obama this month asking for such steps, saying more transparency “can assist in reestablishing trust, both domestically and globally.”

Ross Schulman of Computer & Communications Industry Association, one of the tech associations, said “the lack of information is compounding the trust problem.”

Schulman said it’s not clear if the volume of data collected by the government is more or less than people believe. “If it’s less, that could help trust,” he said.

“If it’s more, people could have an informed discussion of surveillance practices.”

But in the current situation, he said, “it’s difficult to go to customers and say the cloud is the best place for your data.”

Related Reading: Estonia Urges EU to Rely Less on US ‘Clouds’

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cloud Security

Orca Security published details on four server-side request forgery (SSRF) vulnerabilities impacting different Azure services.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cloud Security

Cloud Disaster Recovery - Ingredients for a Recipe that Saves Money and Offers a Safe, More Secure Situation with Greater Accessibility