How Cloud Computing Impacts Corporate Security for Better or Worse

A recent study from Oracle and KPMG suggests that enterprises are deploying cloud computing services without enough concern for security. The study, which is based on responses from 450 IT professionals, found that business managers are pushing for cloud services deployments that make sensitive data more accessible for analysis and decision making. But the IT department is left with the responsibility of implementing and managing cloud systems while insulating sensitive data from cyber-thieves. But in too many cases security measures are falling short of protecting corporate data, according to the study. This slide show will cover what the study says about corporate efforts to implement cloud services while effecting protecting data assets.

More enterprises than ever are embracing cloud computing, according to the Oracle and KPMG study. Nearly nine in 10 respondents—87 percent, to be exact—say that they have a “cloud-first” strategy that puts the cloud ahead of on premises systems.

Moving so many business applications and data into the cloud also potentially makes it easier for hackers to access critical information. Fully 90 percent of the survey respondents reported that more than half of their cloud data is made up of “sensitive” information.

Not surprisingly, 80 percent of businesses said that they’re “concerned” about the possibility of cyber-criminals targeting their cloud services and accessing their important data. They’re also concerned about the security of their networks.

While survey participants agreed that they have put a lot of sensitive data on cloud systems, just 38 percent of companies say that detecting and responding to cloud security incidents would be their “number one cyber-security challenge.”

One of the biggest problems facing companies is how they’d respond if they were hacked. A staggering 86 percent of companies say they cannot “collect and analyze” a large portion of the information they need when security incidents occur. Such little insight means companies don’t know what happened and how it happened to assess the damage or to prevent it from happening again.

Employees are often a first line of defense when cloud services are hacked. But the KPMG and Oracle data suggests those employees aren’t doing what they should. In fact, 82 percent of IT leaders say that company employees are not following cloud security protocols, putting data at risk.

Enterprises are investing in machine learning to identify security weaknesses or analyze incidents. So far, 47 percent of the responding companies have some form of machine learning technology in the office that’s dedicated to cyber-security challenges.

A Cloud Security Architect tasked with identifying possible problems and responding to threats could help prevent serious cyber-attacks and data breaches. But so far, 41 percent of companies have actually hired a person for that role, the study found.

Looking ahead, companies see security automation, which reduces the amount of time and personnel dedicated to cloud security, as a priority. According to KPMG and Oracle, 84 percent of companies have expressed a commitment to increase security automation efforts in the future.

Seeing the importance of the cloud and securing data, companies seem prepared to spend more to safeguard corporate data. According to KPMG and Oracle, 89 percent of respondents said that they will increase their cloud cyber-security spending within the next fiscal year.