More than half (61%) of security professionals believe the risk of a security breach is the same or lower in the cloud compared to on-premise according to new research from Nominet.
The firm surveyed nearly 300 C-level security professionals from the UK and the US to compile its new “Cyber security and the cloud (opens in new tab)” report which marks a major tipping point in the perception of security in the cloud.
Nominet's research found that 71 percent of those surveyed were either moderately, very or extremely concerned about malicious activity in cloud systems. When it came to their biggest concerns regarding cloud security, 56 percent of respondents cited fines for data leaks while 54 percent worry about the increasing sophistication of cyber criminals.
- Companies don't think their cloud can keep up with security
- These are the best cloud firewalls on the market
- Cloud traffic is dominating enterprise networks
VP of Cyber Security at Nominet, Stuart Reed explained how the perceived risk gap between cloud and on-premise has disappeared, saying:
“Security has traditionally always been cited as a barrier to cloud adoption, so it is significant that the perceived risk gap between cloud and on-premise has disappeared. It is evident that security concerns are no longer an insurmountable barrier to cloud deployments given the high adoption rate of cloud services. And, as we move into the ‘cloud era’, arguably security teams need to channel their concern into finding solutions that work with the cloud, just as they have been doing in an on-premise environment. The shift in attitude between on-premise and cloud doesn’t change the remit for security teams, it just puts us on a different type of playing field.”
Multi-cloud vs single-cloud
Nominet's research also took a deeper look into the relative security of cloud storage strategies to discover that a multi-cloud approach is seen to be more risky than either hybrid or single-cloud approaches.
Organizations that adopted a multi-cloud approach were far more likely to have suffered a data breach over the past 12 months at 52 percent versus 24 percent of hybrid-cloud users and 24 percent of single-cloud users. Adopting a multi-cloud approach also caused organizations to suffer a larger number of breaches with 69 percent of respondents suffering between 11-30 breaches compared to 19 percent of those from single-cloud and 13 percent from hybrid-cloud businesses.
Reed explained that while adopting a multi-cloud approach makes sense on paper, the real-world implications are quite different, saying:
“When it comes to ensuring resilience and being able to source ‘best-in-class’ services, using multiple vendors makes sense. However, from a security perspective, the muti-cloud approach also increases exposure to risk as there are a greater number of parties handling an organisation’s sensitive data. This is exactly why an eye must be kept on integration and a concerted effort be made to gain the visibility needed to counter threats across all different types of environments.”
Nominet also questioned C-level security professionals about cloud security tools deployed at their organizations to find that firewalls (55%), email security (52%), antivirus/anti-malware (48%) and data loss prevention (48%) were the most popular and that the majority (57%) of respondents expect their cloud security budget to increase in the next 12 months.
- Also check out the best cloud storage