There may be significant coverage gaps when it comes to Cloud and security.
The COVID-19 pandemic has accelerated digital transformation for 81 per cent of organisations in Australia and New Zealand (A/NZ). However, this increase in cloud adoption may leave business data insecure.
Organisations in the countries are embracing digital transformation and adopting the cloud at an accelerated rate. However, Trend Micro recently released research indicates there is a clear disconnect in the understanding of the cloud shared responsibility model which could result in exposure to reputational and financial damage.”
The survey confirms a simple misconception that can lead to serious security consequences. While cloud infrastructure is secure, customers are responsible for securing their own data – which is the basis of the Shared Responsibility Model for cloud.
Nearly all (86 per cent) of A/NZ respondents say they are confident they understand their cloud security responsibility, but 99 per cent also believe their cloud service provider (CSP) offers sufficient data protection.
Of those surveyed, less than half (47 per cent) can say they are ‘very’ confident in securing their organisation’s part of the cloud-based responsibility model.
This suggests that there may be significant coverage gaps and confirms that the shared responsibility is not understood.
Trend Micro Research has found that misconfigurations are the number one risk to cloud environments, which can happen when companies don’t know their part of the Shared Responsibility Model.
The surveyed A/NZ organisations seem to be confident in their cybersecurity posture in the cloud, as:
- 40 per cent claim the acceleration in cloud migration has increased their focus on security best practices
- 85 per cent believe they are fully or mostly in control of securing their remote work environment
- 82 per cent believe they will be fully or mostly in control of securing their future hybrid workplace.
Despite this confidence, many respondents in A/NZ also admitted to experiencing security related challenges:
- 55 per cent said that security is a “very significant” or “significant” barrier to cloud adoption
- Patching (41 per cent), setting consistent policies (39 per cent), and lack of integration with on-premise security technologies (36 per cent) were cited as the top three day-to-day operational headaches of protecting cloud workloads
- Lack of integration with on-premises security technologies (43 per cent), data privacy (38 per cent) and compliance (28 per cent) were reported as significant barriers in migrating to cloud-based security tools.
Security solutions for cloud environments rated most important to responding organisations were network protection (27 per cent), Cloud Security Posture Management (27 per cent) and Container protection (18 per cent) tools.
Trend Micro commissioned Sapio Research to interview 2565 decision makers in 28 countries, across several industry sectors, and from organisations of all sizes, with a focus on large enterprise.