Oracle and KMPG Report Cloud Security Confusion for Enterprises

Oracle and KMPG Report Documents Cloud Security Confusion for Enterprises

Today, cloud partners Oracle and KMPG released a joint report on threats to cloud security. The report was generated from data collected by a survey of 456 cybersecurity professionals. Oracle and KMPG interviewed respondents on cybersecurity challenges that come about as a result of adopting cloud software. According to the survey, more and more cybersecurity professionals are adopting cloud services into their infrastructure. With this mass cloud integration, cybersecurity professionals need to be up to speed on cloud security. However, many respondents noted a troubling level of confusion in regards to cloud security challenges.

Oracle and KMPG found that over half of all respondents has at least a quarter of their data in the cloud already. They also noted that 49% of those surveyed expect to have the majority of their data in the cloud by 2020. In addition, 69% of businesses are employing more business-critical cloud services. This data clearly suggests that cloud services are a vital part of enterprise infrastructures.

The problem is that cybersecurity confusion still plagues companies after they incorporate cloud-based programs. 71% of businesses responded that the majority of their data on a public cloud server is sensitive. Oracle and KMPG indicate this as evidence of how business-critical the cloud has become. However, when it comes to the concept of the shared responsibility security model (SRSM), most IT professionals lack fundamental understanding. Of the 456 surveyed, only 18% answered that they fully understand SRSM.

Even more worrying is that security issues might not be exclusively external. 92% of the 456 respondents were at least “somewhat concerned” that internal resources in their organization were violating their own cloud security policies. This correlates with a rise in the number of cybersecurity incidents resulting from shadow IT devices. 50% of those surveyed stated shadow IT lead to unauthorized data access. Also, 48% said shadow IT introduced malware to their network, and 47% claimed shadow IT resulted in lost data. The issues with shadow IT highlight a growing confusion about where cybersecurity attacks vectors can come from.

Check us out on Twitter for the latest in Cloud news and developments!

Daniel Hein