Latest News  

Oracle and KPMG study finds that confusion over cloud security responsibilities, lack of visibility and shadow IT complicate corporate security

Companies continue to move business critical workloads and their most sensitive data to the cloud, yet security challenges remain, according to the second annual Oracle and KPMG Cloud Threat Report 2019 recently released.

2019-03-31 20:20:43

The report found that 72 percent of respondents feel the public cloud is more secure than what they can deliver in their own data center and are moving data to the cloud, but visibility gaps remain that can make it hard for businesses to understand where and how their critical data is handled in the cloud.

The survey also found a projected 3.5 times increase in the number of organizations with more than half of their data in the cloud from 2018 to 2020, and 71 percent of organizations indicated that a majority of this cloud data is sensitive, up from 50 percent last year. However, the vast majority (92 percent) noted they are concerned about employees following cloud policies designed to protect this data.

The report found that the mission-critical nature of cloud services has made cloud security a strategic imperative. Cloud services are no longer nice-to-have tertiary elements of IT—they serve core functions essential to all aspects of business operations. The 2019 report identified several key areas where the use of cloud service can present security challenges for many organizations.

• Confusion about the shared responsibility security model has resulted in cybersecurity incidents. Eighty-two percent of cloud users have experienced security events due to confusion over the shared responsibility model. While 91 percent have formal methodologies for cloud usage, 71 percent are confident these policies are being violated by employees, leading to instances of malware and data compromise.
• CISOs are too often on the cloud security sidelines. Ninety percent of CISOs surveyed are confused about their role in securing a Software as a Service (SaaS) versus the cloud service provider environment.
• Visibility remains the top security challenge. The top security challenge identified in the survey is detecting and reacting to security incidents in the cloud, with 38 percent of respondents naming it as their top challenge today. Thirty percent cited the inability of existing network security controls to provide visibility into cloud-resident server workloads as a security challenge.
• Rogue cloud application use and lack of security controls put data at risk. Ninety-three percent of respondents indicated they are still dealing with "shadow IT"—in which employees use unsanctioned personal devices and storage or file share software for corporate data. Half of organizations cited lack of security controls and misconfigurations as common reasons for fraud and data exposures. Twenty-six percent of organizations cited unauthorized use of cloud services as their biggest cybersecurity challenge today.


"The world's most important workloads are moving to the cloud, heightening the need for a coordinated, integrated and layered security strategy," said Kyle York, vice president of product strategy, Oracle Cloud Infrastructure. "Starting with a cloud platform built for security and applying AI to safeguard data while also removing the burden of administrative tasks and patching removes complexity and helps organizations safeguard their most critical asset—their data."

"As organizations continue to transition their cyber security thinking from strictly risk management to more of a focus on business innovation and growth, it is important that enterprise leaders align their business and cyber security strategies," said Tony Buffomante, U.S. Leader of KPMG LLP's Cyber Security Services. "With cloud services becoming an integral part of business operations, there is an intensified need to improve the security of the cloud and to integrate cloud security into the organization's broader strategic risk mitigation plans."

Additional Key Findings

• Automation may improve chronic patching problems: Fifty-one percent surveyed report patching has delayed IT projects and 89 percent of organizations want to employ an automatic patching strategy.
• Machine learning may help decrease threats: Fifty-three percent are using machine learning to decrease overall cyber security threats, while 48 percent are using a Multi-factor Authentication (MFA) solution to automatically trigger a second factor of authentication upon detecting anomalous user behavior.
• Supply chain risk: Business-critical services must be contained as supply chain compromise has led to the introduction of malware in 49 percent of cases, followed by unauthorized access of data in 46 percent of cases.
• Security events continue to increase while shared responsibility confusion expands: Only 1 in 10 organizations can analyze more than 75 percent of their security event data and 82 percent of cloud users have experienced security events due to confusion over cloud shared responsibility models.
• Cloud adoption has expanded the core-to-edge threat model: An increasingly mobile workforce accessing both on premise and cloud-delivered applications and data dramatically complicates how cybersecurity professionals must think about their risk and exposure. In 2018, the number one area of investment was training, but this year, training slipped to number two and was replaced by edge-based security controls (e.g., WAF, CASB, Botnet/DDoS Mitigation controls).


To find out more about the Oracle and KPMG Cloud Threat Report 2019, visit Oracle at the RSA Conference, March 4-8 in San Francisco. (Booth #1559 – Moscone South).


The Oracle and KPMG Cloud Threat Report 2019 examines emerging cyber security challenges and risks that businesses are facing as they embrace cloud services at an accelerating pace. The report provides leaders around the globe and across industries with important insights and recommendations for how they can help ensure that cyber security is a critical business enabler. The data in the report is based on a survey of 450 cyber security and IT professionals from private and public-sector organizations in North America (United States and Canada), Western Europe (United Kingdom), and Asia (Australia, Singapore).


0 COMMENTS ^ Go back to Top
WRITE A COMMENT ^ Go back to Top
 
Your email address will not be published.
Nickname
Email
Comment
Validation Code
   
 
 
NEWS
Microsoft report: Romania registers average malware attack rate of 7.46 per cent, over European average

Romania reached a 7.646 per cent malware attack rate in 2018, 2.13 per cent higher than the average European rate, according tot eh 24th edition of Microsoft Security Intelligence (SIR), released recently.

 Read Full article »
Blockchain StartUp Swazm signs partnership with Maguay, one of the biggest server and storage suppliers in Europe

Romanian Blockchain company Swazm has signed a partnership with Maguay, one of the biggest server and storage suppliers in Europe. The objective of the partnership is to expand the Swazm blockchain network by u

 Read Full article »
Deloitte research: Learning, employee experience and leadership, the main topics on human capital agenda in Romania

Continuous learning for skills development, leadership development and improving the employee experience are the most important and urgent among the trends identified by Deloitte 2019 Global Human Capital Trend

 Read Full article »
Oracle: Shifting toward a whole-enterprise cloud

Cloud technology and its adoption have been transformative for nearly every business, industry, and product. From running applications that are always-on and available, to limitless infrastructure scalability,

 Read Full article »
CBRE takes charge of the operations of NEPI Rockcastle's office portfolio in Bucharest

CBRE, the world and local market leader in real estate consultancy, was mandated with the property management of NEPI Rockcastle's office portfolio in Bucharest, consisting of three emblematical buildings: Flo

 Read Full article »
KPMG launches an application enabling real-time feedback of employees and managers

KPMG launches an application enabling real-time feedback of employees and managers

 Read Full article »
ABSL GALA AWARDS celebrated its winners last evening at Bucharest

As the voice of the business services, ABSL has created the ABSL Awards with the purpose of recognizing the most innovative, impactful and valuable projects and initiatives of the business services industry ove

 Read Full article »
Medium-sized companies relocate from class B to class A-offices in Timisoara

The office market in Timisoara witnesses a new trend: the relocation of companies from class B spaces to class A and the increase in attractiveness of modern office projects for firms with less than 50 employee

 Read Full article »
PropTech Romania organizes a hackathon in Bucharest, dedicated to real estate industry

Proptech Romania, the first Romanian innovation platform dedicated to the real estate market announced it is organizing the first European Real Estate Hackathon, in Bucharest, on the 12-13 April, an event that

 Read Full article »
AROBS Transilvania Software acquires HR software provider UCMS Group Romania

AROBS Transilvania Software, a specialized provider of outsourced business solutions based in Romania, is to acquire human resources management business, UCMS Romania from TMF Group, on DATE, subject to regulat

 Read Full article »
 
 
 
MOST READ ARTICLES
» Huawei opens a centre on cyber securit...
» ROMANIAN OUTSOURCING AWARDS FOR EXCELL...
» Romania ranks above EU average in gend...
» Bucharest, in the top of cities in Eur...
» Berg Software Romania: Reasons to outs...
» Meet the experts who will decide the w...
» KPMG launches an application enabling ...
» Bogdan Pelinescu, president of ABSL: A...
» ABSL GALA AWARDS celebrated its winner...
» George Rotariu, CEO Bitcoin Romania: B...
 
EDITOR CHOICE
Catalina Dodu - Meet the speakers at Romanian Business Services Forum 2019 CEO LEADERS DEBATE, on May 7

Catalina Dodu runs the operations of Atos Romania since March 2014, with an experience of over 15 years in IT management. Previous to being appointed Country Manager, Catalina managed the System Integration div

 Read Full article »
Philippe Beucher: Meet the speakers at Romanian Business Services Forum 2019 CEO LEADERS DEBATE, on May 7

Philippe Beucher is the Managing Director of Accenture Operations – Danubia Region, leading the Operations entity for Romania, Czech Republic, Slovakia and Hungary starting from February 2019. For the past 1

 Read Full article »
Meet the speakers at Romanian Business Services Forum 2019 CEO LEADERS DEBATE, on May 7th - Matthieu Pasquier

Matthieu Pasquier is CEO of Societe Generale European Business Services since August 2018 bringing more than 27 years experience in Societe Generale group. During 2014-2018, Matthieu was Head of SG GSC Chennai

 Read Full article »
Sorin Mindrutescu among the speakers at Romanian Business Services Forum 2019 CEO LEADERS DEBATE, on May 7th

Sorin Mindrutescu is the Country Leader for Oracle Romania, as of February 2003. In this role, he is responsible for local sales and project delivery. In Romania, Oracle has two major business directions: the l

 Read Full article »
Meet the speakers at Romanian Business Services Forum 2019 CEO LEADERS DEBATE, on May 7th - Vivek Bakshi

Vivek Bakshi is the General Manager of Wipro Technologies. He has spent 12 years heading the International Locations / Delivery Centers Europe from the Bucharest office.

 Read Full article »
Latest News  
 
about us | newsletter | contact | members area | GDPR policy
Copyright © 2015 by Diplomat Media Events Design by Diplomat Media Events