Story image

Stalemate: Businesses aware of cloud benefits but wary of risks

16 Aug 18

Everyone is aware of the huge benefits cloud computing has for data management and storage.

Gartner has predicted cloud computing to be a whopping US$300 billion industry by 2021 as companies continue to adopt cloud services to achieve their desired digital business outcomes.

It’s no secret that cloud services can offer the speed and agility that digital business requires, in addition to substantial cost savings and the generation of new resources.

However, a new survey from Gartner of 110 senior executives in risk, audit, finance, and compliance within large global organisations has revealed while they’re well aware of the benefits, they’re also wary of the risks.

The research giant’s latest quarterly ‘Emerging Risks Report’ found that Cloud computing comes in as the top risk despite its multiple novel opportunities. The new risks identified included cybersecurity and GDPR, making cloud solutions vulnerable to security threats not bargained for.

Additional information security risks like cybersecurity disclosure ranked among the top five concerns of the surveyed executives.

Information security came out on top again when the respondents were asked to rank the most volatile high-impact risks that have the ability to cripple an organisation, with social engineering and GDPR compliance cited as most likely to cause the greatest enterprise damage.

However, at a deeper level only 18 percent of the cross-functional executives that were surveyed consider social engineering to be a significant enterprise risk.

It’s clear that businesses need to look within if they want to protect their (and users’) data, as Gartner says through 2022 at least 95 percent of cloud security failures will be the fault of the organisation. This comes as cybercrime becomes increasingly developed with tactics like social engineering tailored to jeopardise sensitive data.

“Executives are right to expand cloud services as part of their digital business initiatives, but they need to ensure their cloud security strategy keeps up with this growth,” says Gartner practice leader Matthew Shinkman.

“Leaders should start by clearly identifying their most at-risk areas, which remain obscure to many large organisation leaders.”

Gartner says from this report (and other research papers in addition to real-life incidents), while businesses increasingly opt for cloud solutions, they’re still struggling with security.

Despite record global spending on information security over the last two years, organisations have lost approximately $400 billion to cybercrime.

“Executives should promote risk awareness throughout the organisation. A strong risk culture helps employees make the right decisions and mitigates poor outcomes,” Shinkman says.

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.