EDITOR ’ S QUESTION
HOW CAN ORGANIZATIONS IMPROVE THEIR CLOUD SECURITY ?
The 2022 Thales Cloud Security Report reveals that 45 % of businesses have experienced a cloud-based data breach or failed audit in the past 12 months , up 5 % from the previous year , raising greater concerns regarding protecting sensitive data from cybercriminals .
Globally , cloud adoption and notably multi-cloud adoption , remains on the rise . In 2021 , organizations worldwide were using an average amount of 110 Software-as-a-Service ( SaaS ) applications , compared with just eight in 2015 , showcasing a startlingly rapid increase .
There has been a notable expansion in the use of multiple IaaS providers , with almost three-quarters ( 72 %) of businesses using multiple IaaS providers , up from 57 % the year before . The use of multiple providers has almost doubled in the last year , with one in five ( 20 %) of respondents reporting using three or more providers .
Despite their increasing prevalence and use , businesses share common concerns about the increasing complexity of cloud services with the majority ( 51 %) of IT professionals agreeing that it is more complex to manage privacy and data protection in the cloud .
Additionally , the journey to the cloud is also becoming more complex , with the percentage of respondents reporting that they ’ re expecting to lift and shift , the simplest of migration tactics , dropping from 55 % in 2021 to 24 % currently .
Security challenges of multi-cloud complexity
With increasing complexity comes an even greater need for robust cybersecurity . When asked what percentage of their sensitive data is stored in the cloud , a solid majority ( 66 %) said between 21 – 60 %. However , only a quarter ( 25 %) said they could fully classify all data Additionally , nearly a third ( 32 %) of respondents admitted to having to issue a breach notification to a government agency , customer , partner or employees . This should be a cause for concern among enterprises with sensitive data , particularly in highly regulated industries .
Cyberattacks also present an on-going risk to cloud applications and data . Respondents reported an increasing prevalence of attacks , with a quarter ( 26 %) citing an increase in malware , 25 % in ransomware and one-fifth ( 19 %) reporting seeing an increase in phishing / whaling .
Protecting sensitive data
When it comes to securing data in multi-cloud environments , IT professionals view encryption as a critical security control . The majority of respondents cited encryption ( 59 %) and key management ( 52 %) as the security technologies they currently use to protect sensitive data in the cloud . However , when asked what percentage of their data in the cloud is encrypted , only 11 % of respondents said between 81 – 100 % is encrypted . Additionally , key management platform sprawl may be an issue for enterprises . Only 10 % of respondents use one to two platforms , 90 % use three or more , and almost one in five ( 17 %) admitted using eight or more platforms .
Encryption should be a priority area for enterprises to focus on when it comes to securing data in the cloud . In fact , 40 % of respondents stated that they were able to avoid the breach notification process because the stolen or leaked data was encrypted or tokenized , showcasing the tangible value of encryption platforms .
32 INTELLIGENTCIO APAC www . intelligentcio . com