Companies adopting cloud technologies lack effective communication and security practices, according to a survey of 300 information security specialists conducted by strategic consulting group Blue Lava and sponsored by data center security specialist vArmour.
Only 36 percent of survey respondents reported sharing security information with industry groups and more than half (52 percent) do not share any security information at all.
Information security professionals’ biggest worry is application layer security, according to survey results. Other significant concerns are being unaware of a security breach or malware and third-party access to their organization’s computing environment.
"Most information security technology has not changed in decades, creating opportunities for cyber criminals to bypass existing infrastructures," Demetrios Lazarikos, founder of Blue Lava Consulting, told eWEEK. "Additionally, emerging technologies like Cloud and IoT will be impossible to manage with legacy solutions. When you move into digital transformation, organizations need to move quickly to adopt new solutions. To compete with the digital revolution, you need to jump curves."
Seventy seven percent of survey respondents remain concerned by BYOD programs Other concerns include executive knowledge of security (65 percent); meeting regulatory compliance (65 percent); patching vulnerabilities (69 percent), and IoT traffic(69 percent).
"Information security specialists need to align with the terminology and the economics of the business," Lazarikos explained. "As data moves to the public cloud, aligning posture, terminology and economics brings success for those that adopt these business principles."
The survey found that while 11 percent of respondents report directly to the Board of Directors, nearly a third (29 percent) don’t believe there is enough Board oversight of security.
A majority of respondents (85 percent) expect a rise in breaches as they move to the cloud, and 76 percent have seen a budget increase as a result.
While nearly 30 percent are still driven by compliance, only 49 percent have taken a proactive risk-based approach.
The survey also revealed that more than 75 percent of the respondents are aggressively evaluating new vendors with agile security solutions versus considering traditional security vendors and approaches to protect their data centers.
"Information security strategies will be turned upside down, as organizations can’t transform themselves fast enough as the business goes completely digital," Lazarikos said. "Organizations will spend less on legacy information security technologies and more on emerging distributed security solutions."