Intel Security released Blue Skies Ahead? The State of Cloud Adoption, a global report advocating the need for technology vendors to help businesses, governments and consumers understand the implications surrounding the growing adoption of the cloud. With a majority (77 percent) of participants noting that their organizations trust cloud computing more than a year ago, just 13 percent completely trust public cloud providers to secure sensitive data. These findings highlight improved trust and security are critical to encouraging continued adoption of the cloud.
“This is a new era for cloud providers,” said Raj Samani, chief technology officer, Intel Security EMEA. “We are at the tipping point of investment and adoption, expanding rapidly as trust in cloud computing and cloud providers grows. As we enter a phase of wide-scale adoption of cloud computing to support critical applications and services, the question of trust within the cloud becomes imperative. This will become integral into realizing the benefits that cloud computing can truly offer.”
The cloud already has a strong impact in the daily lives of many people and businesses, with an ever-growing number of activities performed on digital devices leveraging cloud computing in some way. The increasing use of the cloud is underscored by our survey, which found that in the next 16 months, 80 percent of respondent IT budgets will be dedicated to cloud computing.
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.
Survey results also highlight:
- Cloud Investment Trends: A majority of organizations are planning on investing in infrastructure-as-a-service (IaaS) (81 percent), closely followed by security-as-a-service (79 percent), platform-as-a-service (PaaS) (69 percent), and lastly software-as-a-service (SaaS) (60 percent).
- Security and Compliance: A majority of respondents (72 percent) list compliance as the primary concern across all types of cloud deployments, and only 13 percent of respondents noted knowing whether or not their organizations stored sensitive data in the cloud.
- Security Risks and the Cloud: Perception and Reality: More than 1 in 5 respondents expressed their main concern around using SaaS is having a data security incident, and correspondingly, data breaches were a top concern for IaaS and private clouds. On the contrary, results found that less than a quarter (23 percent) of enterprises are aware of data breaches with their cloud service providers.
- The C-Suite Blind Spot: High-profile data breaches with major financial and reputational consequences have made data security a top-of-mind concern for C-level executives, however many respondents feel there is still a need for more education and increased awareness and understanding of risks associated with storing sensitive data in the cloud. Only one-third (34 percent) of respondents feel senior management in their organization fully understand the security implications of the cloud.
- Shadow IT, Risk and Opportunity: Despite IT departments’ activity to cull shadow IT activity, 52 percent of the lines of business still expect IT to secure their unauthorized department-sourced cloud services. This lack of visibility into cloud usage due to shadow IT appears to be causing IT departments concern when it comes to security, with a majority (58 percent) of respondents surveyed in Orchestrating Security in the Cloud noting that shadow IT has a negative impact on their ability to keep cloud services secure.
- Security Investment: Cloud security investment varies in priorities across the different types of cloud deployment, with the top security technologies leveraged by respondents being email protection (43 percent), Web protection (41 percent), anti-malware (38 percent), firewall (37 percent), encryption and key management (34 percent), and data loss prevention (31 percent).
“The cloud is the future for businesses, governments and consumers,” said Jim Reavis, chief executive officer of the Cloud Security Alliance. “Security vendors and cloud providers must arm customers with education and tools, and cultivate strong relationships built on trust, in order to continue the adoption of cloud computing platforms. Only then can we completely benefit from the advantages of the cloud.”
On April 14, Steve Grobman, Intel Security CTO and Intel Fellow, along with Brian Dye, Intel Security corporate vice president and general manager of corporate products, discussedthe report’s implications for federal government cloud deployments at the Security through Innovation Summit in Pentagon City, Virginia.
For more information on the report findings, visit the below links online:
- Infographic on challenges associated with the cloud
- Infographic on cloud adoption
- Blog: “No More Excuses—Time to Get a Grip on Your Cloud Security,” by
Rolf Haas, enterprise technology specialist, Intel Security
- Blog: “Cloud Security is in the Forecast,” by Richard Steranka, vice president, Global Channel Operations, Intel Security
- Webcast with Samani and Reavis on today’s top security concerns: Cloud Security Alliance: Top Security Challenges & Best Practices when Moving to the Cloud
Methodology of the survey
The survey, conducted by Vanson Bourne, interviewed 1,200 IT decision makers with influence over their organization’s cloud security in Australia, Brazil, Canada, France, Germany, Australia, Spain, the United Kingdom and the United States (350 interviews in the U.S., 150 interviews in Spain and the U.K., and 100 interviews in Australia, Brazil, Canada, France and Germany). Respondents were from a range of organizations with 251-500 employees to those with more than 5,000 employees.
Questionnaire surveys, such as the one conducted by Vanson Bourne and Intel Security, collect data at a single point in time and are limited in their ability to collect complex and nuanced responses. Furthermore, they are not independently able to support long-term conclusions.