Automation, DevOps and unified security management key to cure cloud ills, says McAfee
Cloud services are becoming practically ubiquitous – but according to the latest study from McAfee, one in four organisations who use the public cloud has had their data stolen.
The findings appear in ‘Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security’, a report which surveyed more than 1,400 IT professionals around security concerns with private and public cloud services.
Usage numbers are as strong as one would expect – except for one. 97% of respondents said they were using cloud services of some form, while more than four in five (83%) say they store sensitive data in the public cloud. Yet while two thirds (65%) said they had a cloud-first strategy, this was down from last year’s ranking of 83%. McAfee puts this down to caution on the part of certain companies – but added that ‘the more they know, the more confident IT professionals are that cloud-first is the course they want to be on.’
A quarter of firms polled who use IaaS, PaaS or SaaS said they have had data stolen, while one in five has experienced an advanced attack against its public cloud infrastructure. This is particularly serious given the various types of sensitive data stored. 61% of firms polled said they stored personal customer information, while 30% store intellectual property and healthcare records.
With GDPR just around the corner – only a month away – organisations reported a significant increase in their compliance efforts. Fewer than 10% of respondents said they were dialling back investment in their cloud provider because of GDPR.
The report gives three best practice tips for organisations looking for greater security gains. Firms should, if they’re not already, explore DevOps and DevSecOps environments – ‘integrating development, quality assurance and security processes within the business unit or application team is crucial to operating at the speed today’s business environment demands’ – as well as invest in a unified management platform across multiple clouds and automation techniques.
“Despite the clear prevalence of security incidents occurring in the cloud, enterprise cloud adoption is pressing on,” said Rajiv Gupta, McAfee senior vice president. “By implementing security measures that allow organisations to regain visibility and control of their data in the cloud, businesses can leverage the cloud to accelerate their business and improve the security of their data.”
You can read the full report here (registration required).
Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.
- » DataOps preparation: It’s time to get your data out of silos and into the action
- » Netskope secures $340m in funding at $3bn valuation to further cloud security mission
- » Alibaba Cloud breaks $1.5bn in revenues amid hope of eCommerce migration encouragement
- » Spotting the elephant in the room: Why cloud will not burst colo’s bubble just yet
- » Human error and misconfigurations primary source of Kubernetes security snafus, report says