There’s a new cloud security survey out this week, and it shows what I’ve been arguing for some time: Security, while still named a top concern of cloud adoption, is not the No. 1 issue.
Most industry leaders agree that the security provided by top-tier cloud providers is equal, if not superior, to what many organizations can do in-house when it comes to keeping their systems and data secure. When you look behind the numbers — and you speak with dozens of CIOs and CISOs in charge of enterprise security — you see it’s more about having transparency and audit capabilities of cloud service providers. To keep stubbornly attaching “security” as the primary objection makes it too easy to gloss over this critical difference.
The new survey is the 2016 Cloud Security Spotlight Report, conducted by CloudPassage. It’s based on more than 2,200 information security professionals who are members of the Information Security Community on LinkedIn. This is the second year for the survey.
In this year’s report, 91% say that they are either very (44%) or moderately (47%) concerned about public cloud security. And, according to respondents, the top three headaches to adopting cloud infrastructure are: verifying security policies (51%), visibility (49%) and compliance (37%).
Fortunately the cloud tools that provide visibility and more granular controls into cloud systems are available and getting better every month. This wasn’t the case just a couple of years ago.
Other key findings include:
- The vast majority (84%) of information security professionals who responded to the report aredissatisfied with traditional security tools when applied to cloud infrastructure. They responded that traditional network security tools are somewhat ineffective (48%); are completely ineffective (11%); or can’t be measured for effectiveness (25%) in cloud environments.
- Faster time to deployment (47%) is the No. 1 driver of cloud-based security solutions. Also making the Top 10 list are: reduced effort around upgrades (2), automation (4), easy policy management (5), better performance (6) and protection focused on the workload/instance (8).
- Almost two-thirds (61%) stated that security slowed down (46%) or was ignored completely (15%) in continuous development methods like DevOps.
For Full Story, Please click here.