In the last 12 months, 40% of businesses have experienced a cloud-based data breach. Despite an increase in cyber-attacks targeting cloud data, the vast majority of firms (83 percent) still fail to encrypt half of the critical data they keep in the cloud, creating even more concerns about the potential effect of cyber criminals. It’s the uitcome of a new study commissioned by Thales and conducted by 451 Research (part of S&P Global Market Intelligence).
Cloud adoption is on the rise, and businesses are diversifying their cloud solutions usage. Around the world, 57 percent of respondents said they utilize two or more cloud infrastructure providers, and almost a quarter (24 percent) said the bulk of their workloads and data are now stored in the cloud.
According to a recent McKinsey & Company report, firms throughout the world have increased cloud adoption by three years compared to pre-pandemic adoption rates. This would represent a substantial transition in the use of cloud-based solutions from data storage to settings where data is utilized transactionally and supports day-to-day business processes.
According to the survey conducted by 451 Research, the 2021 Thales Global Cloud Security Study, one-fifth of firms (21%) store the bulk of their sensitive data in the cloud, and 40% had experienced a data breach in the previous year. There are some similar patterns across firms when it comes to securing their cloud infrastructure, with 33% citing multi-factor authentication (MFA) as a key component of their cybersecurity strategy. However, just 17% of those polled said they had encrypted more than half of the data they stored on the cloud. When organizations use a multicloud strategy, this percentage reduces to 15%.
Even when data is encrypted, 34% of firms hand up ownership of keys to service providers rather than keeping it themselves. Limiting possible access points becomes even more important when a big number of organizations fail to safeguard their data adequately using encryption. However, over half of global corporate executives (48%) say their company lacks a zero trust strategy, and a quarter (25%) say they aren’t even contemplating one.
“Protecting customer data is always the priority, and organizations should strongly consider reviewing their strategies and approaches to proactively protect data in cloud,” said Fernando Montenegro Principal Research Analyst, Information Security at 451 Research, part of S&P Global Market Intelligence added from the 2021 Thales Global Cloud Security Study. “This includes understanding the role of specific technologies including encryption and key management, as well as the shared responsibilities between providers and their customers. As data privacy and sovereignty regulations grow, it will be paramount that organizations have a clear understanding of how they remain responsible for data security and make clear decisions about who is in control and who can access their sensitive data.”
Complexity of Cloud Services
Concerns about the rising complexity of cloud services are widespread among businesses. Managing privacy and data protection in the cloud, according to almost half (46 percent) of worldwide respondents, is more difficult than on-premises solutions.
Many businesses use hybrid models because they cannot fully migrate to the cloud. As cloud adoption becomes increasingly integrated into company infrastructure, 55 percent of firms prefer a ‘lift and shift’ approach to cloud adoption over re-architecting.
“Organizations across the world are struggling to navigate the increased complexity that comes with greater adoption of cloud-based solutions,” said Sebastien Cano, Senior Vice President for Cloud Protection and Licensing activities at Thales. “A robust security strategy is essential to ensuring data and business operations remain secure. With nearly every business reliant on the cloud to some extent, it is vital that security teams have the ability to discover, protect, and maintain control of their data.”
About the 2021 Thales Global Cloud Security Study
The 2021 Thales Cloud Security Study was commissioned by Thales and conducted by 451 Research, part of S&P Global Market Intelligence and includes the viewpoints from more than 2,600 executives with responsibility for or influence over IT and data security. Australia, Brazil, France, Germany, Hong Kong, India, Japan, Mexico, Netherlands, New Zealand, Singapore, South Korea, Sweden, the United Arab Emirates, the United Kingdom, and the United States were among the 16 countries/regions represented in the survey.
Thales (Euronext Paris: HO) is a global provider of advanced technologies, investing in digital and ‘deep tech’ innovations including connectivity, big data, artificial intelligence (AI), cybersecurity and quantum computing. Thales has 81,000 employees in 68 countries. In 2020 the Thales Group generated sales of €17 billion.
Download the infographic (zip file).