Is rising cloud adoption leaving business data insecure?

The COVID-19 pandemic has accelerated digital transformation for 81% of organisations in Australia and New Zealand, according to survey results released by Trend Micro Research. However, this increase in cloud adoption may leave business data insecure.

Ashley Watkins, Vice President, Commercial, ANZ, said organisations in Australia and New Zealand are embracing digital transformation and adopting the cloud at an accelerated rate. However, she cautioned that there is a clear disconnect in the understanding of the cloud shared responsibility model, which could result in exposure to reputational and financial damage.

The survey reveals that while cloud infrastructure is secure, customers are responsible for securing their own data — which is the basis of the Shared Responsibility Model for cloud. Nearly 86% of Australian/New Zealand respondents said they are confident they understand their cloud security responsibility, but 99% also believed their cloud service provider (CSP) offers sufficient data protection.

Of those surveyed, 47% said they are ‘very’ confident in securing their organisation’s part of the cloud-based responsibility model. This suggested that there may be significant coverage gaps and indicates that the shared responsibility is not understood.

Trend Micro Research revealed that misconfigurations are the primary risk to cloud environments, which can happen when companies don’t know their part of the Shared Responsibility Model. The surveyed organisations were confident in their cybersecurity posture in the cloud, with 40% claiming the acceleration in cloud migration has increased their focus on security best practices.

Additionally, 85% believed they are fully or mostly in control of securing their remote work environment, while 82% believed they will be fully or mostly in control of securing their future hybrid workplace. Despite this, 55% of respondents said that security is a ‘very significant’ or ‘significant’ barrier to cloud adoption.

Patching (44%), setting consistent policies (39%) and lack of integration with on-premise security technologies (36%) were the top three day-to-day operational headaches of protecting cloud workloads. Lack of integration with on-premises security technologies (43%), data privacy (38%) and compliance (28%) were also significant barriers in migrating to cloud-based security tools.

“Despite the challenges faced by A/NZ organisations, there are ready, easy-to-use products available on the market which will address privacy concerns, support compliance and ultimately avoid unnecessary risk,” Watkins said.

Security solutions for cloud environments rated most important to responding organisations were network protection (27%), cloud security posture management (27%) and container protection (18%) tools.

Image credit: ©stock.adobe.com/au/Connect world