According to a new survey, a lack of security skills is slowing down almost half of organizations' plans to adopt the cloud. Could encryption be a partial remedy? All companies need to secure their machine-to-machine communications, regardless of whether those machines are on premises or in the cloud. Improving encryption management strategies overall could remove certain impediments to transitioning to a cloud environment.
In September 2016, Intel Security surveyed 1,400 senior technical professionals for its annual cloud security research study. A report entitled Building Trust in a Cloudy Sky: The state of cloud adoption and security summarizes the tech giant's findings.
On the one hand, organizations around the world are increasingly migrating to the cloud to meet some or all their business requirements. Intel Security found in its study that 93 percent of organizations already use cloud services in some form, with approximately three-quarters (74 percent) of them storing some or all their sensitive data in the cloud. This integration is expected to grow as time goes on. Specifically, 80 percent of IT budgets will consist of cloud-based apps and solutions in the next 15 months.
Not all organizations are rushing their migration to the cloud, however.
Nearly half of all companies said a lack of security skills is delaying their cloud adoption plans. 60 percent of engineering and telecommunication firms cited the skills gap as a deterrent, as did companies primarily located in Japan, Mexico, and the Gulf Coast Council. Clearly, enterprises realize they need skilled personnel to defend against cloud-related threats, including a 52 percent likelihood they'll suffer a malware infection from a software as a service (SaaS) application. Given those concerns regarding the skills gap and cloud-based threats, it's not surprising less than a quarter (23 percent) of all companies completely trust the cloud to keep their data secure.
Fortunately, there's hope for the future.
Organizations' adoption of hybrid cloud environments grew three times in the last year from 19 percent to 57 percent. Not only that, but fully integrated and unified security solutions are helping organizations to increase their trust in the public cloud, with companies more likely to store their data in the cloud if their security solutions extend across multiple environments. At the same time, Australia, Canada, and the Gulf Coast Council are leading countries' adoption of the private cloud. These trends leave financial services at the forefront of adoption. 99 percent of financial firms have adopted cloud services, Intel Security found in its study, whereas 87 percent are committed to dedicating most of their IT budgets to the cloud in the future.
As more and more businesses adopt the cloud, organizations that are still considering their own migration should try to stay on top of the latest trends and cloud-based threats. An important first step in this process is reading Intel Security's report. You can download your copy here.
To further prepare for the process of migrating to the cloud, organizations should consider adopting encryption strategies. Nearly half (41 percent) of respondents to Thales’ 2017 Global Encryption Trends Study said they have an encryption strategy that covers the enterprise. For 37 of those participating individuals, their strategies entail turning over control of keys and encryption processes to the cloud providers themselves. Others aren't sold on the benefits of that approach, however, and would prefer to maintain control of their keys and certificates.
Larry Ponemon, chairman and founder of the Ponemon Institute, can't overemphasize the importance of internal key management given today's digital threats. As he told Infosecurity Magazine:
"The accelerated growth of encryption strategies in business underscores the proliferation of mega-breaches and cyberattacks, as well as the need to protect a broadening range of sensitive data types. Simply put, the stakes are too high for organizations to stand by and wait for an attack to happen to them before introducing a sophisticated data protection strategy. Encryption and key management continue to play critical roles in these strategies.”