Aussie firms might not be ready for NDB
Less than six weeks before Australia’s notifiable data breach regulation takes effect, just one in three Australian organisations are taking a proactive approach to handling sensitive and confidential information compliantly in the cloud, research indicates.
A survey commissioned by Gemalto and conducted by the Ponemon Institute found that less than half (46%) of Australian respondents agree that their organisation is careful about sharing confidential or sensitive information with third parties in the cloud.
In addition, just 54% of Australian respondents said their organisations evaluate cloud providers prior to deployment or engagement, and less than half (48%) require the use of security safeguards for certain cloud applications.
Shadow IT is also providing ongoing challenges for Australian organisations, with 61% reporting that they are not confident they know all the cloud computing apps, platform or infrastructure services their organisation is using — the highest among all countries surveyed.
Businesses in Australia are also the most likely to want to see strong authentication methods to access data and applications in the cloud put in place to ensure only authorised people have access to sensitive data and applications (92%).
Globally, half of organisations believe that payment information (54%) and customer data (49%) is at risk in the cloud, 57% think that using the cloud increases compliance risk.
On average, only 40% of data stored in the cloud is secured with encryption and key management solutions.
Three in four respondents also agree that it is more difficult to manage privacy and data protection regulations in a cloud environment than on premise networks, and 88% of organisations globally believe that the UK’s upcoming General Data Protection Regulation (GDPR) will require changes in cloud governance.
“The benefit of the cloud is its convenience, scalability and cost control in offering options to businesses that they would not be able to access or afford on their own, particularly when it comes to security,” Gemalto CTO for Data Protection Jason Hart said.
“However, while securing data is easier, there should never be an assumption that cloud adoption means information is automatically secure. Just look at the recent Accenture and Uber breaches as examples of data in the cloud that has been left exposed.”
How AI agents will transform enterprise IT operations
Implementing AI agents requires careful consideration of where the technology fits, what risks it...
Who should take the lead in responsible AI?
The companies that treat responsible AI as a necessity today will be the ones defining the...
Why there's no efficient automation without integration
It's not enough for organisations to simply use AI: they must leverage it in a way that...
