Swift adoption of cloud-based services and a lack of well-defined security strategies are leaving organisations struggling to keep control of their data, across a sprawling number of services and applications, according to Kaspersky Lab
The research has said that around 35 per cent of businesses admit that they are unsure if certain pieces of corporate information are stored on company servers or on those of their cloud providers.
This makes the safeguarding and accountability of data extremely hard to achieve, putting its integrity at risk and paving the way for potentially severe security and cost implications, said Kaspersky.
With cloud services enabling companies to take advantage of major technologies to support day-to-day operations and growth plans, the rearch has shown that about 78 per cent of businesses are using at least one Software-as-a-Service (SaaS) based platform.
Around 75 per cent are planning to move more applications to the cloud in the future. When it comes to IaaS, approximately 49 per cent of enterprises and 45 per cent of SMBs are looking to outsource IT infrastructure and processes to third parties.
However, for many organisations, the speed of adoption and cost and operational savings has been to the detriment of security, with many using cloud services with no strategy in place for the security of their information. Uncertainty around who is responsible for the security of data in the cloud can often be the basis for this approach. The research has found that around 70 per cent businesses using SaaS and cloud service providers have no clear plan in place to deal with security incidents which could affect their partners.
This lack of planning and accountability by cloud adopters for the security of their information could have serious consequences for companies, with enterprises suffering an average US$1.2mn financial impact as the result of a cloud-related security incident, compared to SU$100k for SMBs.
Therefore, according to the research, businesses have to find ways to get the cloud platform under control. Every package of data needs to be protected wherever it happens to be at any one time. To do so, companies need spotting anomalies within their cloud infrastructures, and that can be achieved through a combination of techniques including machine learning and behavioural analytics.
“This ability to identify and defend against unknown threats is absolutely fundamental to cloud infrastructure security. Besides that, enabling visibility of the cloud ecosystem and its cybersecurity layer will give businesses a clear view on where data resides and if it’s current protection status meets corporate security policies,” the research concluded.