Most Execs Dont Feel They Can Secure Cloud Infrastructures

Two-thirds of IT pros dont believe cloud environments are as secure as on-premises environments

Enterprises are using cloud infrastructures, but they arent very confident in their ability to secure them, according to a study to be published Wednesday.
Fewer than half of enterprises believe their organizations have adequate technologies to secure their cloud infrastructures, according to a survey of 1,000 IT security practitioners and enterprise compliance officers conducted by the Ponemon Institute and sponsored by encryption vendor Vormetric.
According to the report, entitled Data Security in the Cloud Survey of U.S. IT Operations, IT Security and Compliance Practitioners, only one-third of IT security practitioners believe cloud infrastructure (IaaS) environments are as secure as on-premise datacenters, while half of compliance officers think IaaS is as secure.
Twenty-one percent of compliance officers said they are responsible for defining security requirements, but 22 percent of IT respondents think this responsibility belongs to business unit leaders.
Fewer than a third of respondents said they encrypt data in the cloud. IT practitioners said encryption should be used to make data unreadable by cloud service providers, but compliance officers said encryption should be used to enforce separation of duties to prevent IT administrators from accessing data they do not need to perform their jobs.
While we were surprised by the different attitudes towards cloud security among IT practitioners and compliance officers, the findings did reveal that security in the cloud is a concern for both groups, especially in IaaS environments, said Larry Ponemon, chairman and founder of the Ponemon Institute. What is most troubling is the fact that while respondents feel they lack adequate technologies to secure their IaaS environments, ownership for security in the cloud is dispersed throughout the organization.
Data in IaaS cloud environments is perceived as a greater security risk, while SaaS (software as a service) is considered by both groups to be more secure.
More than half of respondents said their organizations internal audit review does not provide feedback on the security in cloud infrastructures, the study says.
Have a comment on this story? Please click Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Most Execs Dont Feel They Can Secure Cloud Infrastructures