Palo Alto Networks has released a report that uncovers the truth about the state of cloud security among large enterprises across Asia-Pacific including India, with many cases where perception doesn’t match the reality of professionals who know best.
Conducted by Ovum Research, the report titled “The Asia-Pacific Cloud Security Study” shows that large enterprises, defined as those with more than 200 employees, are not prepared for cloud-related cybersecurity threats, and more importantly, make the assumption that public clouds are secure by default.
In fact, 72 percent of security decision-makers in large Indian enterprises believe that security provided by their cloud providers is sufficient to protect them from cloud-based threats.
“Organisations need to recognise that cloud security is a shared responsibility,” said Anil Bhasin, regional vice president, India and SAARC at Palo Alto Networks. “While cloud providers are responsible for the security of their infrastructure, the onus is on companies themselves to secure their data and applications stored in that infrastructure.”
Large Organisations Have Many Security Tools, but Lack a Unified View of Security
Among the Indian companies surveyed, 47 per cent operate with more than 10 security tools to secure their cloud.
However, having numerous security tools creates a fragmented security posture, adding further complexity to managing security in the cloud, especially if the companies are operating in a multi-cloud environment.
The multi-cloud approach creates a dangerous lack of visibility that is prevalent in 50,per cent of large organisations in India, according to Ovum.
The ubiquity of multi-cloud deployments in large organisations calls for a unified view of all cloud-native services. It is ideal for organisations to have a central console that uses technologies such as artificial intelligence to help prevent known and unknown malware threats, and quickly remediate accidental data exposure when it arises.
Large Organisations Lack Cloud Security Audits and Training
The need for automation is further underscored by the study, which revealed that large enterprises do not have enough time and resources to dedicate to cloud security audits and training.