A recent survey also finds that just 32 percent of companies believe the cost savings gained from cloud computing outweigh security considerations.
recent survey has found that 32 percent of companies believe the cost savings
associated with cloud computing outweigh security considerations for their
organization, up from 26 percent in 2010. In addition, 69 percent of
respondents would be more likely to consider cloud vendors that are PCI- or FISMA
(Federal Information Security Management Act)-compliant, compared with 63
percent in 2010.
security and compliance auditing solutions specialist nCircle announced the
results of the company's 2011 Information Cloud Computing Study. The results
are based on a survey of 551 respondents in the IT security industry, including
senior management, IT operations, security professionals, and risk and audit
managers. The survey was conducted between March 17 and March 25, 2011, and
covered a range of security topics.
those surveyed, 69 percent of companies are considering cloud computing, up
from 66 percent in 2010. "These results are a clear indication that there
is demand for specific and tangible assurance of security and compliance
measures from cloud vendors," said Tim Keanini, CTO for nCircle. "IT
security professionals are informed buyers. They know that cloud vendors
currently produce very little evidence of their internal security and
compliance processes and do not allow their customers to conduct their own
security and compliance audits."
included in the study were technology, federal government, financial services,
health care and education, among others. Over 40 percent of those surveyed have
a security role in their organizations, while IT operations make up almost a
quarter of the total respondents. Over half of the 551 respondents stated that
their organizations staff more than 2,000 employees. Of those surveyed, 96
percent are located in the United States, while 1.5 percent are located in
Ecuador and less than 1 percent each are in Belgium, India and Northern Mariana
similar survey from nCircle identified the top three security concerns for
2011, which include meeting security compliance requirements, cloud computing
and advanced persistent threat. Nearly half (48 percent) of respondents said
that the economic downturn has impacted security initiatives in their
organization, an 11 percent increase from 2010.
2010, only 6 percent of respondents saw the economic downturn as a key factor
in the increase of external threats; in 2011 the number of respondents citing
the same concern increased 9 percent. In addition, 18 percent of respondents
said that the economic downturn slowed the progress of compliance initiatives,
a 30 percent increase from 2010. The survey also found 44 percent of companies
don't believe their companies effectively measure and report on security risk
reduction and compliance, a 7 percent increase from 2010, and 30 percent of
companies don't adequately enforce their own security policies.
network and information security risks and demonstrating continuous compliance
continue to be key enterprise security priorities. Concern about smartphone
security doubled from 4 percent in 2010 to 8 percent in 2011; however, meeting
security compliance requirements and Web application vulnerabilities continue
to be the key issues for enterprise security teams, according to survey