Armor Survey Finds Accountability Still Cloudy When It Comes to Securing the Cloud

To help today’s organizations make strategic and informed decisions when it comes to secure cloud implementations, Armor has sponsored a new Ponemon Institute study, Cloud Security: Getting It Right.

The new findings reveal organizations are divided when it comes to who is responsible for cloud security. Some rely upon their cloud provider to keep SaaS applications secure (31 percent), while others see end-users as being most accountable (20 percent).

Only 16 percent of respondents believe that keeping SaaS applications secure is a shared responsibility between the end-user company and the cloud provider. This runs counter to the fact that the majority of cloud services operate on the premise of shared responsibility, especially when sensitive data is involved.

Just 15 percent of organizations believe the IT security team should be most accountable for securing SaaS applications; however, more than 60 percent of the respondents shared that IT security is rarely or never involved when it comes to evaluating cloud services.

Cloud Security: Getting It Right reflects the responses of 990 individuals in the United States and United Kingdom who hold such positions as chief information officer (CIO), director of IT operations and chief information security officer (CISO). Represented in this research are organizations that process business-critical applications in the cloud and store sensitive or confidential information business data in the cloud environment.

Key Findings:

Reduced cost and increased efficiency drives the use of cloud services

• Fifty-six percent of respondents say the ability to save money is by far the primary reason to use cloud resources

On-premise IT considered more secure than the cloud

• Only 33 percent of respondents say they have confidence they are meeting security objectives in the cloud

Security and compliance issues are still unclear when it comes to the cloud

• Seventy-nine percent of respondents say security is important always or most of the time; 74 percent say compliance is considered important always or most of the time

To learn more about the findings of the study, register now for Armor’s exclusive webinar, “8 Common Security Mistakes Repeated in Multi-Cloud Environments.” This event, on October 22, features a live dialogue with Ponemon Institute founder Dr. Larry Ponemon, and diagnoses missteps and responsibility pitfalls encountered during secure cloud deployments. Register: https://info.armor.com/Armor-Ponemon-Webinar-10-22-15.html

“It is alarming to me that 56 percent of respondents say they are unwilling to pay a premium to ensure the security of sensitive data in the cloud. I believe there is a missed opportunity to get the initiative back from the cyber threat who has owned the good guys for more than 10 years. Virtualization and cloud architecture gives the good guys the opportunity to censor and build a secure environment that puts the threat at a disadvantage. However, the data shows most don’t want to invest in a secure solution and are doomed to repeat the mistakes we made in the network-centric build-out of the Internet.”  — Jeff Schilling, CSO | Armor