A Fortinet 2021 Cloud Security Report survey conducted by Security Insiders found that cloud security concerns among cybersecurity professionals remain high as the adoption of public cloud computing continues to surge in the wake of the pandemic and the resulting massive shift to remote work.
Organisations continue to rapidly migrate workloads from data centres to the cloud, and the trend has been accelerating during the recent Covid pandemic. The report indicates that 33 per cent of organisations are running more than half of their workloads in the cloud today, and that number is set to rise to 56 per cent in the next 12–18 months.
Multi-cloud adoption is very much the norm as organisations were found to be operating in an expanded and diverse digital landscape. 71 per cent of organisations are pursuing a hybrid or multi-cloud strategy as the cloud is the preferred choice for integration of multiple services, scalability, or business continuity reasons. 76 per cent of organisations are using two or more cloud providers and hybrid still accounts for more than one-third of the deployments.
Among the key barriers to faster cloud adoption, survey participants mentioned lack of visibility (53 per cent), lack of control (46 per cent), lack of staff resources or expertise (39 per cent), and high cost (35 per cent) as the most significant negative factors.
Misconfiguration of cloud security remains the biggest security risk according to 67 per cent of cybersecurity professionals in the survey. This is followed by exfiltration of sensitive data (59 per cent) and tying at 49 per cent are unauthorised access and insecure interfaces/APIs.
Multi-cloud environments add complexity and security challenges as organisations are most concerned with data protection (58 per cent) followed by a lack of security skills (57 per cent) and understanding how different solutions fit together (52 per cent).
78 per cent of surveyed cybersecurity professionals would find it very helpful to extremely helpful to have a single cloud security platform offering a single dashboard while allowing for configuration of policies to protect data consistently and comprehensively across the cloud.
When asked how organisations source their cloud security, the vast majority said they prefer cloud-native security (74 per cent). This is followed by third-party cloud security solutions (48 per cent) and managed service providers delivering security services (34 per cent).
Finally, organisations choose between cloud security solutions offered by independent third-party providers and the cloud-native security solutions offered by the cloud platform based on the cost of the security solution (60 per cent), followed by low solution complexity (59 per cent) and ease of use (52 per cent).
Rajesh Maurya, Regional Vice President, India & SAARC at Fortinet, said, “Organisations are grappling with a diverse set of tools that deliver disparate controls and highly variable security posture, specific to each cloud platform. Deeply integrated, cloud-native solutions can bridge this complexity by providing visibility, protection and control through consistent policies that span the diverse array of multi-cloud and hybrid cloud environments. A common security framework not only delivers a uniform security posture, but it also simplifies cyber defence, compliance reporting and data sharing. With this approach, organisations can freely adopt whichever cloud platform that suits their particular needs, confident that their data and applications will be safe, resilient and secure.”