The Cloud - private, public and/or hybrid - has many benefits, but security will continue to be an ongoing challenge.
While overall IT budgets are experiencing minimal growth - a compound annual growth rate of 0.9 percent in 2016 (to $3.4 trillion) - the sky is the limit when it comes to cloud: Cloud infrastructure spending will increase 16.2 percent in 2016 to $37.4 billion, with a 5-year CAGR of 13.6 percent to $60.8 billion in 2020. That’s just the hardware; public cloud services are expected to reach $208 billion in 2016, up from $178 billion in 2015. Gartner attributes the growth to the fact that organizations are saving 14 percent of their budgets as an outcome of public cloud adoption.
Cloud adoption is already huge, and accelerating because it offers a number of potential benefits, but especially better cost controls, savings - up to 14 percent lower costs than on-premise - more agility and improved security. Cloud, especially one hosted by a third-party provider, which accounts for the bulk of cloud spending, is supposed to provide a safer environment than an internal IT department, with access to better and more resources. Cloud service providers can focus on providing secure offerings, allowing their clients to focus on their businesses.
As with every other aspect of the digital universe, threats to, and concerns about cloud security are growing. Cloud computing turns the traditional IT paradigm - keeping the bad guys out and information in with on-prem - to putting information into a third-party’s hands and (potentially) accessible by everyone, at any time, from any place.
According to a survey of more than 2,200 cybersecurity professionals, security concerns top the list of barriers to cloud adoption:
The biggest cloud security threats were:
One in three organizations say external sharing of sensitive information is the biggest security threat. The top three security headaches moving to the cloud include:
While cybersecurity budgets are outgrowing IT spending in general, they’re not keeping pace, and this is a source of growing concern. A recent survey found that many businesses simply aren’t adopting appropriate governance and security measures to protect sensitive data in the cloud.
“Cloud security continues to be a challenge for companies, especially in dealing with the complexity of privacy and data protection regulations,” said Larry Ponemon, chairman and founder, Ponemon Institute.
Cloud - and cloud service providers - offer the potential for great benefits, including tighter security, with more resources and expertise than are available with on-prem. However, those benefits also come with great risks, including bigger threat surfaces and loss of control. For a safer and more secure journey to the cloud, organizations must balance the benefits with the risks and ensure that their digital assets are protected regardless of where they may be found.
The following are the ten steps that cloud service customers should take to evaluate and manage the security of their cloud environment with the goal of mitigating risk and delivering an appropriate level of support, as recommended by the Cloud Standards Customer Council:
Information belonging to over 100 Italian banks breached by the Ursnif banking trojan was obtained by Avast Threat Labs, which then shared the data with as many of the victims as could be identified.
Avast researchers obtained information that the Ursnif banking Trojan has targeted 100 Italian banks and may have thousands of victims.