Ponemon Prognosis Shows State of Cloud Security Improvements

  /     /     /  
Publicated : 22/11/2024   Category : security


Ponemon Prognosis Shows State of Cloud Security Improvements


Incremental improvements in risk assessments and data protection in the cloud, but access control issues abound



For as much chatter that the cloud security gap continues to garner at trade shows such as last weeks
RSA Conference
, a new Ponemon Institute study out this week shows that, in many ways, organizations are incrementally improving how they manage the risks around placing sensitive databases and applications in the cloud.
Still, theres room for improvement. In some glaring cases -- namely, data governance and access control -- the perceived risk climbed since 2010 when Ponemon last conducted a similar survey.
What we found in 2010, in general, was that security is not the priority in the cloud universe, says Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, who said the two surveys asked the same attribution questions as a way of testing perceptions attitudes and change around data security in the cloud. What we found [in 2012] were small improvements, but consistently so in every one of our attributions.
Conducted on behalf of CA Technologies, the Ponemon State of Cloud Security report found that among more than 700 IT decision makers, 51 percent reported that cloud computing applications not vetted for risk are not used in their organizations. Thats a 10 percentage point jump over the past two years. Meanwhile, back in 2010 only 44 percent of organizations reported that doing a risk assessment before putting databases and other IT assets in the cloud. That number jumped up to 50 percent this time around.
In general, all of these results suggest that security is still an issue, but its getting better, says Ponemon, who noted that, in particular, organizations have improved their ability to prevent or curtail data loss or theft from cloud resources, which went up nine percentage points. In the last two years, there have been a ton of products building encryption technology in the cloud.
However, there were some areas where organizations did not improve, according to the survey. For example, fewer organizations reported that they were able to ensure governance processes were effective, even in the cloud. Similarly, fewer organizations reported they were able to properly identify and authenticate users before granting access to data and systems in the cloud.
But I think the reason isnt that technology is getting worse -- its just that the demands on the cloud are growing, he says.
This survey tracks well with results from a recent survey out from cloud security provider SilverSky, which showed a whopping 97 percent of companies have increased or maintained their confidence in the cloud over the past year, and that currently 24 percent of all business functions are cloud-based today.
One of the big challenges organizations and top technology executives have faced is the difficulty of assigning responsibility for security. Ponemons survey shows that since 2010, more executives believe they share responsibility with cloud providers, but 36 percent of organizations still lay security responsibility solely at the feet of their providers.
Moving to the cloud should be career-defining, not career-limiting, says Andrew Jaquith, CTO of SilverSky. When CIOs and security decision makers move their critical workloads to the cloud, they seek providers that cut their costs, simplify their architectures, and protect their data. But equally important, they are making a leap of faith by entrusting services they cant do without to someone they dont know.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ Sony, XBox Targeted by DDoS Attacks, Hacktivist Threats ◂
Discovered: 23/12/2024
Category: security

▸ There are plenty of online tools for reporting bugs. ◂
Discovered: 23/12/2024
Category: security

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Ponemon Prognosis Shows State of Cloud Security Improvements