Businesses “risking sensitive information in the cloud” suggests Bitglass survey

Bitglass has just released ‘Guardians of the Cloud’, its 2019 Cloud Security Report. As organisations migrate more of their data and operations to the cloud, they must maintain a robust cyber security posture. To uncover how well they’re accomplishing this, Bitglass has partnered with a leading cyber security community to survey IT professionals about cloud security in their organisations.

Each year, Bitglass conducts research on the state of enterprise cloud security in order to identify key trends and common vulnerabilities. This year’s report found that 75% of organisations leverage multiple cloud solutions, but only 20% have visibility over cross-app anomalous behaviour.

With more and more organisations storing sensitive information in the cloud – information like customer data (45%), employee data (42%) and Intellectual Property (24%) – adopting proper cloud security measures is critical.

Despite a change in their order, the top priorities from 2018 remained top priorities in 2019. This year, the Top Three were defending against malware, reaching regulatory compliance and securing major apps in use.

The use of CASBs for malware protection has increased from 20% in 2018 to 31% in 2019.

Access control (52%) and anti-malware (46%) are the most-used cloud security capabilities. However, these and others – like single sign-on (26%) and data loss prevention (20%) – are still not deployed often enough.

Malware has emerged as the most concerning data leakage vector, with 27% of respondents citing it as the foremost concern for their organisation. Conversely, concern about leakage through unsanctioned cloud apps fell from 12% in 2018 to 5% in 2019, showing that organisations are becoming aware that there are threats greater than shadow IT.

Cost is the leading concern for organisations evaluating cloud security providers. Other critical concerns include ease of deployment (46%), whether the solution is cloud native (45%), the ease with which cross-cloud security policies can be enforced (36%) and a given solution’s ability to integrate with various cloud platforms (36%).

“Data is now being stored in more cloud apps and accessed by more devices than ever before,” said Rich Campagna, chief marketing officer of Bitglass. “This report found that 93% of respondents are at least moderately concerned about their ability to use the cloud securely, and that the adoption rates of basic cloud security tools and practices are still far too low. Many organisations need to rethink their approach to protecting data as traditional tools for safeguarding data on premises are not capable of protecting data in the cloud.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts