Exabeam Research Shows Companies are Embracing Cloud-based Security Tools, but Concerns Around Risk, Ease of Deployment RemainMarch 26, 2020
Exabeam announced the results of a security practitioner survey that revealed while many companies are beginning to migrate security tools to the cloud, a significant number have concerns. The survey, conducted at the Cloud and Security Expo in London, highlights data privacy, unauthorized access, server outages and integration as key concerns.
The survey shows a mixed picture when it comes to firms migrating security tools to the cloud. While just over half of respondents (52 percent) began migrating to cloud-based security products during or before 2018, around a fifth (18 percent) waited until 2019, three percent started in 2020, 13 percent have not yet started and the remainder don’t know when they’ll migrate. Of those that have started their migration, over half (58 percent) have migrated at least one quarter of their security tools to the cloud, while one third (33 percent) said more than 50 percent of their security tools are now cloud-based.
Typically, organizations migrate security tools to the cloud to minimize the resources and overhead associated with owning and maintaining on-premises equipment and software. This means security teams can avoid system sizing, maintenance, uptime management, and product upgrades. Reducing engineering effort to deploy and maintain new solutions allows security analysts to complete tasks faster and frees engineers up to focus on other projects.
The survey results support this, with improvements in monitoring and tracking of attacks (29 percent) and reduced maintenance (22 percent) considered the most important gains from using cloud-based security tools. CAPEX reductions (18 percent), faster time to value (17 percent) and access to the latest features (13 percent) are drivers for cloud adoption, but considered less important.
However, when asked what concerns they have about moving security tools to the cloud, data privacy (30 percent) remains high on the list, with unauthorized access (16 percent), server outages (14 percent), integration with other security tools (14 percent), and data sovereignty (13 percent) also being raised.
While 22 percent stated migration to the cloud was not a priority for their organization, the results suggest a lack of understanding about the migration issue as a whole. Around a third (32 percent) said they did not know what concerns their organization has about moving security tools to the cloud. Furthermore, despite about a third (32 percent) of respondents saying they consider it to be too difficult or too risky to migrate security tools to the cloud, nearly half said their preference is to migrate legacy products to the cloud (46 percent) rather than replace legacy on-premise products with new cloud-native security tools (54 percent).
Organizations are protecting a variety of data types with cloud-based security tools, with email the most widely protected (22 percent), followed by customer information (21 percent), file-sharing (20 percent) and personnel files (18 percent). However, few organizations (12%) have extended cloud-based security to protecting corporate financial information.
“As organizations modernize their security operations, SaaS solutions are increasingly becoming the deployment model of choice. While the results of this survey show that some security professionals still have concerns, having visibility into cloud services is vital and many organizations are now taking a cloud-first approach to security,” commented Sam Humphries, security strategist, Exabeam.
“We can expect more organizations to migrate their security tools to the cloud this year as security professionals increasingly see the benefits of hosted cloud offerings, which provide the full functionality of traditional on-premise solutions. Added benefits include reduced cost and maintenance issues, as well as eliminating the need to route cloud data to on-premises data centres,” concluded Humphries.
For more information on securing cloud operations, please visit: https://www.exabeam.com/information-security/lifting-the-veil-on-cloud-security/