Latest News  

Oracle and KPMG study finds that confusion over cloud security responsibilities, lack of visibility and shadow IT complicate corporate security

Companies continue to move business critical workloads and their most sensitive data to the cloud, yet security challenges remain, according to the second annual Oracle and KPMG Cloud Threat Report 2019 recently released.

2019-03-31 20:20:43

The report found that 72 percent of respondents feel the public cloud is more secure than what they can deliver in their own data center and are moving data to the cloud, but visibility gaps remain that can make it hard for businesses to understand where and how their critical data is handled in the cloud.

The survey also found a projected 3.5 times increase in the number of organizations with more than half of their data in the cloud from 2018 to 2020, and 71 percent of organizations indicated that a majority of this cloud data is sensitive, up from 50 percent last year. However, the vast majority (92 percent) noted they are concerned about employees following cloud policies designed to protect this data.

The report found that the mission-critical nature of cloud services has made cloud security a strategic imperative. Cloud services are no longer nice-to-have tertiary elements of IT—they serve core functions essential to all aspects of business operations. The 2019 report identified several key areas where the use of cloud service can present security challenges for many organizations.

• Confusion about the shared responsibility security model has resulted in cybersecurity incidents. Eighty-two percent of cloud users have experienced security events due to confusion over the shared responsibility model. While 91 percent have formal methodologies for cloud usage, 71 percent are confident these policies are being violated by employees, leading to instances of malware and data compromise.
• CISOs are too often on the cloud security sidelines. Ninety percent of CISOs surveyed are confused about their role in securing a Software as a Service (SaaS) versus the cloud service provider environment.
• Visibility remains the top security challenge. The top security challenge identified in the survey is detecting and reacting to security incidents in the cloud, with 38 percent of respondents naming it as their top challenge today. Thirty percent cited the inability of existing network security controls to provide visibility into cloud-resident server workloads as a security challenge.
• Rogue cloud application use and lack of security controls put data at risk. Ninety-three percent of respondents indicated they are still dealing with "shadow IT"—in which employees use unsanctioned personal devices and storage or file share software for corporate data. Half of organizations cited lack of security controls and misconfigurations as common reasons for fraud and data exposures. Twenty-six percent of organizations cited unauthorized use of cloud services as their biggest cybersecurity challenge today.


"The world's most important workloads are moving to the cloud, heightening the need for a coordinated, integrated and layered security strategy," said Kyle York, vice president of product strategy, Oracle Cloud Infrastructure. "Starting with a cloud platform built for security and applying AI to safeguard data while also removing the burden of administrative tasks and patching removes complexity and helps organizations safeguard their most critical asset—their data."

"As organizations continue to transition their cyber security thinking from strictly risk management to more of a focus on business innovation and growth, it is important that enterprise leaders align their business and cyber security strategies," said Tony Buffomante, U.S. Leader of KPMG LLP's Cyber Security Services. "With cloud services becoming an integral part of business operations, there is an intensified need to improve the security of the cloud and to integrate cloud security into the organization's broader strategic risk mitigation plans."

Additional Key Findings

• Automation may improve chronic patching problems: Fifty-one percent surveyed report patching has delayed IT projects and 89 percent of organizations want to employ an automatic patching strategy.
• Machine learning may help decrease threats: Fifty-three percent are using machine learning to decrease overall cyber security threats, while 48 percent are using a Multi-factor Authentication (MFA) solution to automatically trigger a second factor of authentication upon detecting anomalous user behavior.
• Supply chain risk: Business-critical services must be contained as supply chain compromise has led to the introduction of malware in 49 percent of cases, followed by unauthorized access of data in 46 percent of cases.
• Security events continue to increase while shared responsibility confusion expands: Only 1 in 10 organizations can analyze more than 75 percent of their security event data and 82 percent of cloud users have experienced security events due to confusion over cloud shared responsibility models.
• Cloud adoption has expanded the core-to-edge threat model: An increasingly mobile workforce accessing both on premise and cloud-delivered applications and data dramatically complicates how cybersecurity professionals must think about their risk and exposure. In 2018, the number one area of investment was training, but this year, training slipped to number two and was replaced by edge-based security controls (e.g., WAF, CASB, Botnet/DDoS Mitigation controls).


To find out more about the Oracle and KPMG Cloud Threat Report 2019, visit Oracle at the RSA Conference, March 4-8 in San Francisco. (Booth #1559 – Moscone South).


The Oracle and KPMG Cloud Threat Report 2019 examines emerging cyber security challenges and risks that businesses are facing as they embrace cloud services at an accelerating pace. The report provides leaders around the globe and across industries with important insights and recommendations for how they can help ensure that cyber security is a critical business enabler. The data in the report is based on a survey of 450 cyber security and IT professionals from private and public-sector organizations in North America (United States and Canada), Western Europe (United Kingdom), and Asia (Australia, Singapore).


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Cushman & Wakefield Echinox: StreamWIDE joins the new IT hub created in the Timpuri Noi Square project

StreamWIDE, a company specialized in the software and telecommunications industry, realocates its office in Bucharest in the Timpuri Noi Square project, joining the new IT hub created in the business park devel

 Read Full article »
CBRE: Office deliveries expected to bring new stock of 635.00 sqm, Bucharest to reach 3.9 mln sqm modern office spaces

During 2020–2021 to approx. 635,000 sqm of modern office space are expected to be delivered on market, increasing the Bucharest modern stock at approx. 3.9 million sq m, a step closer to a new a threshold and

 Read Full article »
Uber opens at Bucharest the largest support center to drivers and business partners in CEE

Uber company launched this week in Bucharest the largest center in Central and Eastern Europe that offers assistance to drivers and business partners in Romania, a center where they can contact directly Uber re

 Read Full article »
Samsung and Orange Romania activated the 5G VR Live streaming at Untold Music Festival in Romania

Samsung Electronics and Orange Romania have successfully deployed a 5G New Radio (NR) network to demonstrate a series of 5G use cases at Untold Festival 2019, the largest annual dance music festival in Romania,

 Read Full article »
MVP Lab in Sibiu named as one of Europe's best in the "Ones to Watch" list at European Business Awards

Ropardo MVP Lab has been named as ‘One to Watch' in Europe in a list of business excellence published by the European Business Awards, one of world's largest and longest running business competitions.

 Read Full article »
Endava marks one year since IPO

Endava, one of the most important software companies, present on the local market with 7 delivery centers, reaches an almost double capitalization, 2.07 billion USD, on July 26, 2019, one year after listing. Th

 Read Full article »
Infosys opens cyber defence centre in Bucharest

Infosys, a global leader in next-generation digital services and consulting, announced the launch of its Cyber Defence Centre in Bucharest, Romania. The Defence Centre is an expansion of services delivered thro

 Read Full article »
QuEST Global completes integration of IT Six Global Services

QuEST Global, a global product engineering and lifecycle services company, has successfully completed the integration of IT Six Global Services SRL. QuEST Global acquired IT Six, a software engineering services

 Read Full article »
RE MAX Romania opens three more offices

RE/MAX Romania has expanded its network, adding three new offices – RE/MAX Partners in Cluj, RE/MAX Quality in Sibiu and RE/MAX Prestige in Targu Mures.

 Read Full article »
Microsoft and OpenAI form exclusive computing partnership to build new Azure AI supercomputing technologies

Microsoft Corp. and OpenAI have partnered to further extend Microsoft Azure's capabilities in large-scale AI systems, according to a release of Microsoft.

 Read Full article »
 
 
 
MOST READ ARTICLES
» SMEs, micro-enterprises can access fun...
» Shifting the workplace perspective tow...
» Opinion: Why Canada, Asia and Australi...
» Olivier Hecq, Head of SSC IT, SGEBS:" ...
» TELUS International continues partners...
» ABSL presents the 3rd edition of Iasi ...
» IT and BPS to ensure most of the Roman...
» Connections signs partnership with UiP...
» More than 500 business leaders at the ...
» Business in the service of a higher pu...
 
EDITOR CHOICE
Workplace of the Future conference to take place on November 20th at Bucharest

The Diplomat-Bucharest together with Outsourcing Today organize the 3rd Edition of WORKPLACE OF THE FUTURE, on 20th of November 2019, in Bucharest, at Capital Plaza Hotel.

 Read Full article »
Strategic Talent Acquisition at People Empowering Business Forum on October 30 in Bucharest

Latest trends like demographic upheaval, globalization, digital technology, and changing social values and worker expectations, are disrupting business models and radically changing the workplace. These are req

 Read Full article »
Informal IT School and UiPath launch an educational program for RPA development to start in October

Informal IT School announced a partnership with UiPath to launch an RPA development educational program of five months, 100 hours of courses, five days a week. The program will run in Cluj-Napoca.

 Read Full article »
Impact Hub Bucharest joins 3house to manage three coworking spaces in the city

Impact Hub Bucharest, a coworking spaces manager and developer of accelerator programs and events merged with 3house, a new concept of workplace launched in 2018. By this, Impact Hub reaches 3 locations and 6.7

 Read Full article »
JLL: Total office space in Bucharest to reach 3 million sqm

The second quarter of 2019 reconfirmed the increased interest for the office market in Romania. Over 115,000 square meters of office space were leased over this period at the national level, a value similar wit

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area | GDPR policy
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events