Protecting the Cloud

Poca Wander Stock/iStock / Getty Images Plus via Getty Images

One of the technologies that has been instrumental in facilitating smart buildings has been the emergence of “the cloud.” From computing to storage, the cloud allows for a lot of applications to run and interact with one another, often forming the backbone of a smart environment.

According to the second annual State of Cloud Report recently released by Pluralsight, multi-cloud strategies are becoming increasingly commonplace, with more than 65% of organizations currently operating within multi-cloud environments and another 20% saying they’re actively pursuing an additional cloud platform for their cloud environment.

A large majority (71% ) of respondents — comprising more than 1,000 technologists and leaders around the world — said they expect their cloud budgets to increase of the next 12 months and 74% expect their cloud skills development budgets to increase in parallel.

That is key, since the report also identified some skills gaps when it comes to cloud, the largest of which were cited in data, analytics, engineering and storage (42%), followed by security and governance (37%).

The general consensus about cloud and security is that the cloud is at least as secure as other methods. However, no technology is free from vulnerabilities.

For example, a report from Gigamon analyzed the difference between how secure an organization perceives itself to be and how secure it actually is. The report found that while surface-level confidence around hybrid cloud security is high, with 94% of global respondents stating their security tools and processes provide them with complete visibility and insights into their IT infrastructure, in practice, IT and security professionals don’t spot almost one third of security breaches.

Ninety-three percent predict cloud security attacks are only going to increase, and 90% had experienced a breach in the last 18 months. Moreover, 31% of breaches are being identified later down the line, rather than preemptively using security and observability tools — either by data appearing on the dark web, files becoming inaccessible or users experiencing slow application performance (likely due to DoS or inflight exfiltration). This number rises to 48% in the U.S.

Another report from Thales, had similar findings, with more than a third (39%) of businesses experiencing a data breach in their cloud environment last year, an increase on the 35% reported in 2022. In addition, human error was reported as the leading cause of cloud data breaches by over half (55%) of those surveyed.

More concerning, companies are storing more and more sensitive data in the cloud, with 75% of businesses stating that more than 40% of their data stored in the cloud is classified as sensitive, compared to 49% of businesses this time last year. More than a third (38%) ranked Software as a Service (SaaS) applications as the leading target for hackers, closely followed by cloud-based storage (36%).

And fewer are using strong encryption for this sensitive data, with just 22% saying that more than 60% of their sensitive data in the cloud is encrypted.

On the positive side, adoption of robust multi-factor authentication (MFA) has risen to 65%, indicating progress in fortifying access controls. Forty-one percent of organizations have implemented zero trust controls in their cloud infrastructure, but an even smaller percentage (38%) utilizes such controls within their cloud networks.

The cloud is a growing and critical infrastructure tool to smart environments — and it is going to need to become a priority to secure it.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.