Latest News  

Oracle and KPMG study finds that confusion over cloud security responsibilities, lack of visibility and shadow IT complicate corporate security

Companies continue to move business critical workloads and their most sensitive data to the cloud, yet security challenges remain, according to the second annual Oracle and KPMG Cloud Threat Report 2019 recently released.

2019-03-31 20:20:43

The report found that 72 percent of respondents feel the public cloud is more secure than what they can deliver in their own data center and are moving data to the cloud, but visibility gaps remain that can make it hard for businesses to understand where and how their critical data is handled in the cloud.

The survey also found a projected 3.5 times increase in the number of organizations with more than half of their data in the cloud from 2018 to 2020, and 71 percent of organizations indicated that a majority of this cloud data is sensitive, up from 50 percent last year. However, the vast majority (92 percent) noted they are concerned about employees following cloud policies designed to protect this data.

The report found that the mission-critical nature of cloud services has made cloud security a strategic imperative. Cloud services are no longer nice-to-have tertiary elements of IT—they serve core functions essential to all aspects of business operations. The 2019 report identified several key areas where the use of cloud service can present security challenges for many organizations.

• Confusion about the shared responsibility security model has resulted in cybersecurity incidents. Eighty-two percent of cloud users have experienced security events due to confusion over the shared responsibility model. While 91 percent have formal methodologies for cloud usage, 71 percent are confident these policies are being violated by employees, leading to instances of malware and data compromise.
• CISOs are too often on the cloud security sidelines. Ninety percent of CISOs surveyed are confused about their role in securing a Software as a Service (SaaS) versus the cloud service provider environment.
• Visibility remains the top security challenge. The top security challenge identified in the survey is detecting and reacting to security incidents in the cloud, with 38 percent of respondents naming it as their top challenge today. Thirty percent cited the inability of existing network security controls to provide visibility into cloud-resident server workloads as a security challenge.
• Rogue cloud application use and lack of security controls put data at risk. Ninety-three percent of respondents indicated they are still dealing with "shadow IT"—in which employees use unsanctioned personal devices and storage or file share software for corporate data. Half of organizations cited lack of security controls and misconfigurations as common reasons for fraud and data exposures. Twenty-six percent of organizations cited unauthorized use of cloud services as their biggest cybersecurity challenge today.


"The world's most important workloads are moving to the cloud, heightening the need for a coordinated, integrated and layered security strategy," said Kyle York, vice president of product strategy, Oracle Cloud Infrastructure. "Starting with a cloud platform built for security and applying AI to safeguard data while also removing the burden of administrative tasks and patching removes complexity and helps organizations safeguard their most critical asset—their data."

"As organizations continue to transition their cyber security thinking from strictly risk management to more of a focus on business innovation and growth, it is important that enterprise leaders align their business and cyber security strategies," said Tony Buffomante, U.S. Leader of KPMG LLP's Cyber Security Services. "With cloud services becoming an integral part of business operations, there is an intensified need to improve the security of the cloud and to integrate cloud security into the organization's broader strategic risk mitigation plans."

Additional Key Findings

• Automation may improve chronic patching problems: Fifty-one percent surveyed report patching has delayed IT projects and 89 percent of organizations want to employ an automatic patching strategy.
• Machine learning may help decrease threats: Fifty-three percent are using machine learning to decrease overall cyber security threats, while 48 percent are using a Multi-factor Authentication (MFA) solution to automatically trigger a second factor of authentication upon detecting anomalous user behavior.
• Supply chain risk: Business-critical services must be contained as supply chain compromise has led to the introduction of malware in 49 percent of cases, followed by unauthorized access of data in 46 percent of cases.
• Security events continue to increase while shared responsibility confusion expands: Only 1 in 10 organizations can analyze more than 75 percent of their security event data and 82 percent of cloud users have experienced security events due to confusion over cloud shared responsibility models.
• Cloud adoption has expanded the core-to-edge threat model: An increasingly mobile workforce accessing both on premise and cloud-delivered applications and data dramatically complicates how cybersecurity professionals must think about their risk and exposure. In 2018, the number one area of investment was training, but this year, training slipped to number two and was replaced by edge-based security controls (e.g., WAF, CASB, Botnet/DDoS Mitigation controls).


To find out more about the Oracle and KPMG Cloud Threat Report 2019, visit Oracle at the RSA Conference, March 4-8 in San Francisco. (Booth #1559 – Moscone South).


The Oracle and KPMG Cloud Threat Report 2019 examines emerging cyber security challenges and risks that businesses are facing as they embrace cloud services at an accelerating pace. The report provides leaders around the globe and across industries with important insights and recommendations for how they can help ensure that cyber security is a critical business enabler. The data in the report is based on a survey of 450 cyber security and IT professionals from private and public-sector organizations in North America (United States and Canada), Western Europe (United Kingdom), and Asia (Australia, Singapore).


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Endava opens two new software centers at Brasov and Timisoara

Top five ranking software company Endava, with a turnover exceeding 500 million lei in 2018, announced the opening of two new software centers at Timisoara and Brasov.

 Read Full article »
Volvo Cars and Uber present production vehicle ready for self-driving

Volvo Cars, a leader in automotive safety, and Uber, the leading ride-hailing firm, today present a jointly developed production car capable of driving by itself, the next step in the strategic collaboration be

 Read Full article »
Pepper Escu, the first humanoid robot in Romania's commercial real estate business works at CBRE

Starting May, the real estate consultant CBRE has brought Pepper Escu on its team, the first humanoid robot in a real estate company in Romania. CBRE aims to use the robot's technological abilities to create sy

 Read Full article »
Rebranding Creativity 2019, the first applied creativity and creative-problem-solving conference in CEE takes place at Cluj-Napoca

Rebranding Creativity, a conference powered by Crea-Est professional association and supported by strategic partner RSM Romania will take place at Cluj-Napoca.

 Read Full article »
The importance of having a vision and build business agility

In the past year the outsourcing industry became - due to its constant growth as market but also as intrinsic evolution of people and companies - one of the most reliable barometers of fundamental metrics of th

 Read Full article »
Undelucram.ro study reveals the top of companies offering the best salaries in their industry

As expected, the companies operating in IT & C, banks and consultancy provide the best salaries, bonuses and personal development opportunities, show an online ranking conducted by online portal undelucram.ro.

 Read Full article »
E.ON to hire 300 specialists for the Iasi-based Software and Development center

E.ON Software Development (ESD), part of the German group E.ON announced it started an ambitious development plan in Romania that that will triple the number of employees from 100 people to 400 in the next two

 Read Full article »
Microsoft and Oracle to interconnect Microsoft Azure and Oracle Cloud

Microsoft Corp. and Oracle Corp. on Wednesday announced a cloud interoperability partnership enabling customers to migrate and run mission-critical enterprise workloads across Microsoft Azure and Oracle Cloud,

 Read Full article »
TotalSoft 2018 turnover at 19 mln. Euro, Q1 2019 revenue up 16 per cent

TotalSoft, one of Central Europe's leading providers of business software solutions, reported a turnover of 19 million euro in 2018, while its revenues in Q1 2019 were 16 percent up YoY to 5.4 million Euro, t

 Read Full article »
Endava sells its fintech centre in Bucharest to Worldpay

UK-based technology company Endava said this week it is selling its fintech centre in Bucharest, Endava Technology, to payment processing company Worldpay

 Read Full article »
 
 
 
MOST READ ARTICLES
» Evolving from consumers of resources t...
» Preparing for the new future
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» Pepper Escu, the first humanoid robot ...
» Volvo Cars and Uber present production...
» Berg Software Romania: Reasons to outs...
» Marian V. Popa: Meet the speakers at R...
» Deloitte 2019 Global Human Capital Tre...
» Andrei Voica: Meet the speakers at Rom...
» How giving back pays dividends for com...
 
EDITOR CHOICE
Digital Transformation Conference to take place on June 19 at Bucharest

The Diplomat – Bucharest organizes Digital Transformation Conference to be held on 14 of June in Bucharest, at Hilton Hotel - Regina Maria Hall, starting 8:30 AM.

 Read Full article »
L&D Conference by The Diplomat Bucharest took place on June 4th at Bucharest

The Diplomat-Bucharest organizes the Third Edition of its Learning & Development CONFERENCE on 4 June, 2019 at InterContinental Hotel Bucharest starting 09:00 am.

 Read Full article »
Meet the winners of ROMANIAN BUSINESS SERVICES AWARDS, 2019 edition

ROMANIAN BUSINESS SERVICES FORUM & AWARDS 2019, in its fifth year, brrought on May 7, in Bucharest, a new concept event with engaging keynote sessions by industry leaders, interactive panel discussions, network

 Read Full article »
Few hours away from to the long awaited CEO Leaders Debate, a premiere of Romanian Business Services Forum and Awards

We are a few hours away to the long awaited CEO Leaders Debate, a premiere of Romanian Business Services Forum and Awards on May 7.

 Read Full article »
Colin C. Lovering: Meet the speakers at Romanian Business Services Forum & Awards 2019, on May 7

Colin C. Lovering has been living and working in Romania since 2009 when he arrived to offer consultancy and advice to organisations looking for growth and profitability and founded Achieve International.

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area | GDPR policy
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events