Today McAfee releases its annual report examining the current state of cloud adoption, with in-depth analysis exploring how organizations are using cloud services today, where they plan to take their services next, how quickly they think they can get there and their methods for dealing with critical obstacles. McAfee uncovered that the lack of trained cybersecurity professionals is causing forty percent of IT leaders to slow cloud adoption.
To make up the difference, businesses and governments are partnering with consultants, managed service providers, and their cloud providers to augment and magnify in-house capabilities to better position themselves against attacks when short-staffed.
Timed with this report, McAfee will also be announcing cloud-centered updates to its solutions portfolio. Through these solutions, organizations are able to reduce the number of technologies deployed to protect cloud environments.
Key Findings:
- Ninety-seven perfect of organizations use cloud services (public, private, or a combination of both), up from ninety-three percent one year ago
- Sixty-five percent have a cloud-first strategy, down from eighty two percent one year ago
- Eighty-three percent store sensitive data in the public cloud but only sixty nine percent trust the public cloud to keep their sensitive data secure
- Forty percent of IT leaders are slowing cloud adoption due to a shortage of cybersecurity skills
- One-in-four respondents have experienced data theft from the public cloud (found for both Software-as-a-Service and Infrastructure-as-a-Service)
- One-in-five respondents have experienced an advanced attack against their public cloud infrastructure
Nigel Hawthorn, Data Privacy Expert at McAfee commented below.
Nigel Hawthorn, Data Privacy Expert at McAfee:
“The implementation of the incoming GDPR, due to come into force in just over a months’ time, will affect cloud users around the world. Becoming GDPR compliant requires a combination of knowledge, processes, policies, technology and training, as well as detailed understanding of data flows to and from third parties and cloud services. With this in mind, it is concerning that only half of the respondents stated that all of their cloud providers have a plan in place for GDPR compliance.
“Businesses must confidently understand GDPR compliance gaps and implement necessary controls to address them across all cloud services – including the likes of Office 365, Box, Salesforce and Slack, as well as custom applications running in public infrastructure-as-a-service platforms. The extensive requirements it will introduce will be a welcome addition to those 56% of professionals surveyed who had tracked a malware infection back to a cloud application. Whether intentional or accidental, one of the biggest cyber threats is from those inside the organisation. However, data can be effectively protected by restricting sensitive information to only managed devices, using behavioural analytics to detect any unusual activity, and having plans in place to react quickly to correct any threats in the event of a breach in the cloud.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.