Page 43 - EE|Times Europe Magazine - December 2020
P. 43
EE|Times EUROPE 43
Shifting to Cloud Makes Security More Difficult
Top cloud security concerns among organizations
Data loss/leakage 44%
Identifying and responding 41%
to security incidents
Managing multiple 28%
public cloud providers
Identifying sudden 27%
increases in cloud spend
For the companies surveyed by Sophos, data
Staying compliant with 26%
relevant regulations loss is the top worry, sparked by the rapid shift
to the cloud. That transition has resulted in
Managing user roles 26%
and permissions the fractured distribution of data, hindering
visibility. Security teams must often switch
Convincing senior management of the 25% between multiple platforms for a complete
need to invest in cloud security
picture of cloud assets.
Lack of staff expertise 25% (Source: Sophos, “The State of Cloud Security 2020”)
Lack of visibility of our infrastructure 24%
Security can’t keep up with 24%
the pace of our developers
My organization does not have any public 3%
cloud security concerns
Don’t know 1%
0% 20% 40% 60% 80% 100%
Combination of responses ranked first, second, and third for the question, “ What are your organization’s biggest public cloud security concerns?”
concerned about the public cloud. Nearly mentations, remote workers can now access across their hybrid cloud was the lack of a
70% use two or more different providers, the cloud proxy that’s inspecting traffic. centralized view of information from their
making it more complex for security teams Not all CASB implementations are as security tools.
to enforce security and compliance across fully functional as they could be, according
the different environments. to a recent Cloud Security Alliance (CSA)
An IBM Institute for Business Value sur- study. While nearly 90% of IT respondents What makes shifting to the
vey concluded, “While [the shared] respon- use or are researching the use of a CASB, cloud easy also makes it easy
sibility model is necessary for the hybrid, half don’t have enough staff to fully utilize
multi-cloud era, it can also lead to variable cloud security solutions. Nearly a third use for attackers, once they’ve
security policies and a lack of visibility multiple CASBs to meet their needs, and
across cloud environments. Organizations just over a third said complexity prevented gotten access credentials,
that are able to streamline cloud and secu- fully realizing the solutions’ potential. The to quickly target and
rity operations can help reduce this risk, report calls for solutions that are integrated
through clearly defined policies which apply into a larger security portfolio and can be exploit a company’s cloud
across their entire IT environment.” deployed faster. environment.
A survey released earlier this year on
NEW THIRD-PARTY MODELS NEEDED hybrid cloud security by FireMon found that
To handle the expanded attack surface enterprises are rapidly transitioning to the Of the IT managers polled in the Sophos
resulting from the now highly distributed public cloud, but the speed of adoption, study, 96% are concerned about their
environment, many cloud cybersecurity pro- combined with scaling and complexity, current level of cloud security. “This high
viders and others in the industry are calling creates security challenges. number speaks more to awareness than
for cloud-native cybersecurity in third-party Complexity is increasing because of the anything else,” said Shier. “They know
cloud cybersecurity products, and a single number of vendors and enforcement points they have data that’s important, they know
control point. needed to secure cloud networks, and users it needs to be protected, and they know
McAfee, for example, told EE Times are finding it difficult to integrate all the there are definite risks to that data. I think
earlier this year that its cloud-native Cloud disparate tools. This decreases visibility, at this concern comes on the heels of greater
Access Security Broker (CASB) solution a time when available staff and budgets are awareness and knowing there’s no ‘security
complements cloud-based firewall and also declining. The combination is ripe for through obscurity’ available by going to the
proxy functions that typically surround a the misconfiguration errors that are respon- cloud.” ■
traditional IT network. Instead of access- sible for most breaches. Nearly a quarter of
ing a corporate network via VPN before respondents said their biggest challenge in Ann R. Thryft is a contributing editor for
connecting to IaaS, PaaS, or SaaS imple- managing multiple network security tools AspenCore.
www.eetimes.eu | DECEMBER 2020
