Cloud adoption is in full swing. IT departments are feeling pressure to migrate totally to the cloud. Change is happening, and fast, but not without risk, according to a cyber security product company. After surveying more than 250 IT security people, Kaspersky Lab has found that uncontrolled cloud expansion is the top security concern for more than half (58 per cent) of CISOs.
By using multiple cloud platforms within a hybrid cloud infrastructure, businesses can deliver their products and services faster, optimise their performance, and improve the reliability of their services, as Kaspersky point out. However, despite its advantages, cloud computing, especially when the cloud infrastructure is hosted by a third party, may also bring cyber-security challenges. While an organisation’s overall IT becomes heterogeneous with cloud, CISOs are facing more headaches to keep their data secure and protect company finances from losses in a breach.
Managing complex IT is also becoming even more difficult due to a lack of talent — another challenge for corporate cyber-security. Hybrid cloud adoption requires specialists with the necessary skills to configure and manage security for all parts of the IT infrastructure. For CISOs, this results in staffing problems: more than a third (38pc) claim it is difficult to recruit specialists to cope with this ‘cloud zoo’. According to Kaspersky, CISOs need a single solution that not only provides them with a high level of security, but also ensures the business’s cyber-security layer is visible and can be managed across the whole cloud infrastructure, even by a limited cloud security team.
Maxim Frolov, Vice President of Global Sales at Kaspersky Lab said: “There’s no denying that with the business benefits it brings, cloud is a key part of the strategic digital transformation journey for many enterprises. The use of cloud is growing fast, and businesses are not going to be put off adoption because of security concerns. It’s therefore vital that resilient security is also quickly and effectively implemented, to support this rapid adoption.
“Safeguarding data and workloads in the cloud environment, in addition to supporting the native security capabilities of a cloud platform is crucial. Protection layers should therefore include: the capability to monitor application behaviour and ban any suspicious activity; prevent exploits by using the latest threat intelligence; and find and automatically patch vulnerabilities, to safeguard data and workloads moving across cloud infrastructure, from threats. The best solutions also provide orchestration capabilities, so that IT teams can control what workloads are being accessed and processed, on and off-premise.”
