Cloud security is anything but mastered

Cloud security is anything but mastered Cybersecurity

According to a study by the Enterprise Strategy Group for Oracle and KPMG, understanding cloud security remains problematic for companies.

The success of the public cloud is growing: 90% of companies use SaaS and 76% of IaaS, 50% plan to transfer all their data to it within two years even though 75% have already suffered several losses of data in link with a cloud service. Ten incidents of data loss were thus identified on average by those who detected faults. Cloud security is indeed anything but under control. This is revealed by a study recently published by Oracle and KPMG, conducted by the Enterprise Strategy Group. The sharing of responsibility between the supplier and its customer is only perfectly understood by 8% of respondents.

While 80% admit that security incidents in the cloud led them to review the security of their data, 70% of respondents believe that public cloud security requires too many dedicated tools. In fact, 78% of companies use more than 50 separate cybersecurity solutions to prevent security problems and 37% use more than 100. Logically, 92% consider their company ill-prepared for the large-scale use of the cloud . However, 75% believe that public cloud platforms are more secure than their own data centers.

The panacea for AI

Bad cloud configurations (or bad practices) remain a scourge, however. For example, companies configure superfluous privileged accesses (37%), saturate the possible flows in input and output of servers and do not implement multi-factor security for access to configuration tools, even though 59% admit phishing attacks on privileged account owners.

The worst part may be that 80% of respondents fear that their cloud providers will eventually become competitors. Faced with the threats mentioned, the belief in a panacea seems to prevail: 87% of respondents consider that AI and machine learning are essential technologies for security, in order to better protect themselves against fraud, malware and problems with poor computer configurations.

Source: www.lemondeinformatique.fr

Rate article
Add comment