Cloud security continues to be a significant concern for cybersecurity professionals as 96% are moderately concerned and 32% are extremely concerned.
A Fortinet 2021 Cloud Security Report survey conducted by Security Insiders found that cloud security concerns among cybersecurity professionals remains high as the adoption of public cloud computing continues to surge in the wake of the pandemic and the resulting massive shift to remote work.
Organizations continue to rapidly migrate workloads from data centres to the cloud, and the trend has been accelerating during the recent Covid pandemic. The report indicates that 33% of organizations are running more than half of their workloads in the cloud today, and that number is set to rise to 56% in the next 12–18 months.
Multi-cloud adoption is very much the norm as organizations were found to be operating in an expanded and diverse digital landscape. 71% of organizations are pursuing a hybrid or multi-cloud strategy as cloud is the preferred choice for integration of multiple services, scalability, or business continuity reasons. 76% of organizations are using two or more cloud providers and hybrid still accounts for more than one-third of the deployments.
Among the key barriers to faster cloud adoption, survey participants mentioned lack of visibility (53%), lack of control (46%), lack of staff resources or expertise (39%), and high cost (35%) as the most significant negative factors.
Misconfiguration of cloud security remains the biggest security risk according to 67% of cybersecurity professionals in the survey. This is followed by exfiltration of sensitive data (59%)and tying at 49% are unauthorized access and insecure interfaces/APIs.
Multi-cloud environments add complexity and security challenges as organizations are most concerned with data protection (58%) followed by a lack of security skills (57%) and understanding how different solutions fit together (52%).
Seventy-eight percent of surveyed cybersecurity professionals would find it very helpful to extremely helpful to have a single cloud security platform offering a single dashboard while allowing for configuration of policies to protect data consistently and comprehensively across the cloud.
When asked how organizations source their cloud security, the vast majority said they prefer cloud native security (74%). This is followed by third-party cloud security solutions (48%) and managed service providers delivering security services (34%).
Finally, organizations choose between cloud security solutions offered by independent third-party providers and the cloud-native security solutions offered by the cloud platform based on cost of the security solution (60%), followed by low solution complexity (59%) and ease of use (52%).
“Organizations are grappling with a diverse set of tools that deliver disparate controls and highly variable security posture, specific to each cloud platform. Deeply integrated, cloud-native solutions can bridge this complexity by providing visibility, protection and control through consistent policies that span the diverse array of multi-cloud and hybrid cloud environments. A common security framework not only delivers uniform security posture, it also simplifies cyber defense, compliance reporting and data sharing. With this approach organizations can freely adopt whichever cloud platform that suits their particular needs, confident that their data and applications will be safe, resilient and secure,” said Rajesh Maurya, Regional Vice President, India & SAARC at Fortinet.