Posted in:

Companies still fail to grasp cloud security ownership: report

Latest Thales study reveals that organisations across the world still do not provide adequate protection to their sensitive data in their cloud environments despite regulatory compliance risks.

An increasing disparity has opened between the rapid growth of enterprise data stored in cloud and an organisation’s approach to cloud security, a survey has warned. While 48% of corporate data is stored in the cloud, only 32% of organisations polled by the Ponemon Institute on behalf of Thales admit they employ a ‘security-first’ approach to data storage in the cloud.

The 2019 Thales Global Cloud Security Study – which surveyed of more than 3,000 IT and IT security practitioners in Australia, Brazil, France, Germany, India, Japan, the UK and US – found that only 31% of respondent organisations believe that the protection of data in the cloud is actually their own responsibility.

Despite storing sensitive data in the cloud, 46% surveyed revealed that storing consumer data in the cloud makes them more of a security risk. Fifty-six percent also noted that it posed a ‘compliance risk’. In addition, organisations believe that cloud service providers bear the ‘most responsibility’ for sensitive data in the cloud (35%), ahead of shared responsibility (33%) and the organisations themselves (31%). Even though businesses are pushing the responsibility to cloud providers, only 23% say security is a factor in selecting them.

Over half of the businesses polled by Thales – 54% – think cloud storage makes it ‘more difficult’ to protect sensitive data, up from 49% in 2018. More than 70% believe that data in a cloud environment is harder to protect due to the complexity of managing privacy and data protection regulations, while an additional 67% cited the difficulty of applying conventional security methods in the cloud.

More details at:
https://safenet.gemalto.com/cloud-security-research/