Executives see security of cloud data as more important than ease of use

’Nimble’ businesses report much better cloud data security than transformational laggards

Cloud data security has been recognised as the most important focus area to improve business competitiveness in a recent survey of executives that also ranked internal user experience second.

Conducted amongst 175 American and European executives, the Unisys/IDG research found that 29 percent of respondents named the security of cloud data as the key priority – and a further 22 percent named it second – out of six key areas of prioritisation including customer experience; infrastructure performance and availability; timeliness in creating development and production environments; cloud and data centre management to better utilise all assets; and internal user experience.

Some 54 percent of respondents said their greatest business challenge lay in managing security threats and risks, and the compliance issues that they present.

“Respondents who indicate that their organizations have an excellent or very good ability to integrate and automate workloads across multiple cloud platforms also assign their organizations a higher average flexibility rating,” the survey's authors noted, with 15 percent of respondents falling into this category and therefore being classified as 'nimble'.

The results highlighted the value of a nimble mode of execution in improving business outcomes, with 59 percent of such respondents – those that said their organisations were 'nimble' – saying their nimbleness had helped improve data security and 56 percent of this group saying they had improved the speed of business decision making.

The results confirm that security is still seen as the biggest obstacle to adoption of cloud solutions, which show increasing potential in transforming businesses to a predominantly digital mode of operation – a goal that was recognised as essential by 72 percent of the respondents.

Despite broad enthusiasm about the model and its potential, concerns about the security of cloud solutions have kept many organisations from adopting cloud-based tools: it was only in June this year that one cloud-security report found, for the first time, that more than half of CISOs believed cloud apps were as secure or more secure than on-premises apps. Unsurprisingly, this was a similar result to the 45 percent of the Unisys survey respondents' applications that were still being installed on premises.

Cloud-based applications have had their share of security issues: recently, for example, a series of hacks against point-of-sale systems hit the operator of a cloud-based service that had around 38,000 business clients. Cloud-storage giant Dropbox recently force-reset 68 million passwords after a major password compromise, reflecting the kind of compromises that drove a recent cloud-authentication partnership between Okta and Google.

Future cloud protection strategies are expected to leverage increasingly responsive technologies as well as artificial intelligence (AI) capabilities. Boosting visibility is a key goal – particularly in the wake of other recent studies such as a Bitglass/Cloud Security Alliance study that found less than 1 in 3 businesses was keeping audit logs of cloud activity and only 28 percent had visibility of user logins that would give them insight into cloud-related 'shadow IT' activity.

Read more: ​Data Classification: the first step in securing your intellectual property

For now, however, the Unisys survey suggests that executives' concerns are still focused as much on the security of their businesses as they are on the security of the cloud services they want to adopt. This reflects a recent Gartner prediction that 20 percent of organisations will develop data-security governance programs by 2018 in response to the need to prevent breaches from public cloud services.

“Data security is at the forefront of today's IT agenda because it's become a given,” the Unisys report notes. “If a company loses a customer's private data, it may not only lose that customer but also face harsh penalties. This is why data security needs to be proactive, whether the data resides on premises or in the cloud – or a combination of the two.”

Join the CSO newsletter!

Error: Please check your email address.

Tags Unisys/IDG researchcloud datastoragecloud securityaktaCSO Australiahackingpoint-of-salenetwork securitycloud data security

More about DropboxGartnerGoogleIDGOkta

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place