TTI | Network Security Insights

Companies Still Wary of Making Leap to the Cloud Without Proper Cybersecurity Staff

Written by Craig Badrick | May 15, 2018 8:13:14 AM

Companies are still interested in migrating their IT processes to the cloud, but many are struggling to find the requisite cybersecurity talent to do so safely.

Last month, McAfee published its third annual report on cybersecurity in the cloud, Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security. Based on a survey of 1,400 IT professionals from around the world, the report’s findings amount to a mixed bag for advocates of a cloud-first approach to enterprise IT.

On the one hand, it has become eminently clear that cloud computing is here to stay, as 97% of IT professionals said that their company runs at least some processes in the cloud — a 4% increase from 2017. On the other hand, the fraction of companies actually implementing a cloud-first strategy — that is, “an IT strategy that states new projects should consider using cloud technology first” — plummeted from 82% in 2017 to 65% in 2018.

Much of this reluctance to go all-in on cloud computing stems from the ongoing cybersecurity skills shortage in the enterprise space. While the talent gap has narrowed slightly over the course of the last year, 40% of the McAfee respondents admit that it has caused them to decelerate their company’s cloud migration.

The convergence of this skills shortage with companies’ continued commitment to at least measured cloud usage has led to a marked increase in cybersecurity incidents. That said, as McAfee Cloud Security Business Unit Senior VP Rajiv Gupta points out, “Despite the clear prevalence of security incidents occurring in the cloud, enterprise cloud adoption is pressing on.”

 

Companies Suffer Breaches on an Insecure Cloud

To be fair, a good number of companies seem to be aware of the status quo’s attendant risks, with fewer than 70% of IT professionals claiming to trust public cloud providers to keep their company’s data secure.

But that hasn’t stopped 61% of companies from regularly storing personal customer information in the cloud, or another 30% from storing intellectual property, healthcare records, competitive intelligence, or network pass cards on cloud servers. All told, more than 83% of the McAfee respondents admitted to storing at least some sort of sensitive data in the public cloud.

With all of this valuable information floating around, it’s rather troubling that one in four companies that use either an Infrastructure-as-a-Service (IaaS) or a Software-as-a-Service (SaaS) solution admits to having had its data stolen. Even more troubling, 20% of these companies detected “an advanced attack against their public cloud infrastructure,” and 56% have “traced a malware infection back to a cloud application.”

 

Secure Cloud Computing through Managed Services

The McAfee report offers several suggestions for securing a company’s cloud-based data — adopting DevSecOps processes, deploying automation and management tools, and developing unified security protocols — but for many companies, striking up a partnership with a managed IT services provider is the easiest, most effective route to robust cloud security.

With nearly three decades of industry experience, Turn-key Technologies (TTI) can help any company engage in better, more mature cloud computing without having to worry about scouring barren talent pools for in-house IT staff.

At TTI, we firmly believe that no company should be forced to miss out on the many benefits of cloud computing just because it lacks the expertise to do it securely, and we’re prepared to work with each and every one of our clients to craft a managed services solution tailored to their unique cloud computing needs.