Exabeam research
shows companies are
embracing cloud-based
security tools
A survey has revealed that many companies have concerns about
migrating security tools to the cloud, due to concerns surrounding
data privacy and unauthorised access.
Exabeam, a Smarter SIEM company,
has announced the results of a
security practitioner survey that
reveal while many companies are beginning
to migrate security tools to the cloud, a
significant number have concerns. The
survey, conducted at the Cloud and Security
Expo in London, highlights data privacy,
unauthorised access, server outages and
integration as key concerns.
The survey shows a mixed picture
when it comes to firms migrating security
tools to the cloud. While just over half of
respondents (52%) began migrating to cloudbased
security products during or before
2018, around a fifth (18%) waited until 2019,
three percent started in 2020, 13% have
not yet started and the remainder don’t
know when they’ll migrate. Of those that
have started their migration, over half (58%)
have migrated at least one quarter of their
security tools to the cloud, while one third
(33%) said more than 50% of their security
tools are now cloud-based.
Typically, organisations migrate security
tools to the cloud to minimise the resources
and overhead associated with owning and
maintaining on-premises equipment and
software. This means security teams can
avoid system sizing, maintenance, uptime
management and product upgrades.
Reducing engineering effort to deploy and
maintain new solutions allows security
analysts to complete tasks faster and frees
engineers up to focus on other projects.
The survey results support this, with
improvements in monitoring and tracking
of attacks (29%) and reduced maintenance
(22%) considered the most important gains
from using cloud-based security tools.
CAPEX reductions (18%), faster time to value
(17%) and access to the latest features (13%)
are drivers for cloud adoption but considered
less important.
However, when asked what concerns
they have about moving security tools to
the cloud, data privacy (30%) remains high
on the list, with unauthorised access (16%),
server outages (14%), integration with other
security tools (14%) and data sovereignty
(13%) also being raised.
While 22% stated migration to the cloud
was not a priority for their organisation,
the results suggest a lack of understanding
about the migration issue as a whole.
Around a third (32%) said they did not
know what concerns their organisation has
about moving security tools to the cloud.
Furthermore, despite about a third (32%) of
respondents saying they consider it to be
too difficult or too risky to migrate security
tools to the cloud, nearly half said their
preference is to migrate legacy products to
the cloud (46%) rather than replace legacy
on-premises products with new cloudnative
security tools (54%).
Organisations are protecting a variety of
data types with cloud-based security tools,
with email the most widely protected (22%),
followed by customer information (21%),
file sharing (20%) and personnel files (18%).
However, few organisations (12%) have
extended cloud-based security to protecting
corporate financial information.
Sam Humphries, Security Strategist at
Exabeam, said: “As organisations modernise
their security operations, SaaS solutions
are increasingly becoming the deployment
model of choice. While the results of
this survey show that some security
professionals still have concerns, having
visibility into cloud services is vital and many
organisations are now taking a cloud-first
approach to security.” •
38