Increasing the number of clouds increases the attack surface of your organization, with multicloud users more likely to experience breaches, a Nominet report finds.
The future of enterprise compute is unmistakably moving toward the cloud, although surveys indicate differing rates of cloud computing adoption depending on the industry. Likewise, security vendors are increasingly offering only a SaaS (software-as-a-service) version of their products, requiring organizations to rely on cloud computing for security—92% of security professionals indicated their business is adopting cloud-based security solutions, according to a report published by Nominet on Tuesday.
Likewise, 88% of respondents indicate that their organization is "currently engaged in, or is planning to adopt cloud and SaaS (software-as-a-service) solutions," while 71% already have an active deployment. Likewise, IaaS (infrastructure-as-a-service) adoption is at 60%, according to the survey. Other service models have modestly lower adoption, including PaaS (platform-as-a-service) at 48%, and BPaaS (business-platform-as-a-service) at 30%.
SEE: Special feature: Managing the multicloud (free PDF) (TechRepublic)
Nearly half (48%) of respondents indicated their organization is using a multicloud deployment, while nearly a quarter (24%) use a hybrid cloud deployment.
Why data breaches are causing consternation for IT pros
Heavily-regulated industries face the prospect of much more severe penalties in the event of a data breach, with respondents working in healthcare (55%), financial services (47%) and pharmaceuticals (46%) indicate being very or extremely concerned by the security risks posed by cloud computing.
"Most respondents (71%) were either moderately, very or extremely concerned," according to the report. "Interestingly, participants from the US were almost twice as likely than those from the UK to be extremely concerned (21% vs 13%)," it also stated. Considering the potentially quite high fines associated with GDPR noncompliance, the disparity between the UK and US is interesting, though US firms are still subject to GDPR compliance, despite it being an EU policy.
Concerningly, 69% of respondents from businesses with active multicloud deployments report experiencing between 11-30 breaches, compared to 19% of those from single cloud businesses, and 13% from hybrid cloud businesses.
This concern is appropriate—using multiple cloud services does theoretically increase the potential attack surface for hackers to utilize when seeking out vulnerabilities through which to exfiltrate data.
- How to become a cybersecurity pro: A cheat sheet (TechRepublic)
- Mastermind con man behind Catch Me If You Can talks cybersecurity (TechRepublic download)
- Windows 10 security: A guide for business leaders (TechRepublic Premium)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- The best password managers of 2019 (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)