SaaS applications are supplanting traditional desktop , and visibility into cloud workloads is a major problem, according to Symantec.

Businesses don’t get how AI cybersecurity tools work, but plan to use them anyway
Some 71% of businesses plan to use AI and machine learning in their security tools this year, though over half aren’t sure what that tech really does, according to Webroot.
- 20190313alisoncybersecaikaren - Why half of enterprises struggle to keep pace with cloud security

You’ve heard it for years—the future of business applications is mostly cloudy, and that brave new world has come to pass, as a 53% of enterprise compute workloads have now migrated to the cloud, according to Symantec’s Cloud Security Report, published Monday, The report also finds 54% of respondents indicate their organization’s cloud security is not able to keep up with cloud applications.

To be fair, there is a lot to keep up with—93% of respondents indicate their organizations are storing in more than one environment, with 69% of respondents still storing on premises. “This heterogeneity makes it difficult to achieve visibility across applications and workloads,” the report notes, “ushering in a host of that tax the expertise and bandwidth of IT staff and make some legacy cyber defense tools and processes obsolete.”

Symantec also notes that “the average organization believes its employees are using 452 cloud apps,” but Symantec contends the actual number is 1,807, which is a bidirectional problem at best. IT decision makers should be more aware of what third-party services are being used by employees, though throwing any web-based service in the category of cloud application dilutes the meaning of both “cloud” and “application.” Independent of these definitions, 93% of respondents indicated difficulties monitoring all cloud workloads.

SEE: Launching a career in cybersecurity: An insider’s guide (free PDF) (TechRepublic)

This underlies a perennial problem among IT staff—the increasing potential attack surface for which data can be compromised is too large, with 49% of respondents indicating their cloud security is inadequate to deal with “all incoming alerts,” with 92% indicating a need to enhance their own skills, and 84% indicating a need to bring on more staff to handle the influx.

Keeping sensitive company data within security perimeters is the predominant issue among respondents, with 93% of respondents indicating they “grapple with users oversharing cloud files containing sensitive and compliance-related data, while on average 35% of cloud files are overshared,” according to the report. Further, 68% indicate they have seen direct or likely evidence that their data was made available on dark web marketplaces.

Symantec advocates creating governance strategy supported by a “Cloud Center of Excellence” to combat unsanctioned cloud usage, as well as embracing a zero-trust security model, use of automation and
artificial intelligence
, as well as DevSecOps.

For more, learn how fraudulent domain names are powering phishing attacks, and why ransomware is rebounding in popularity as cryptojacking loses steam on TechRepublic.

Also see

istock-964582068.jpg  - istock 964582068 - Why half of enterprises struggle to keep pace with cloud security

Ronnie Chua, Getty Images/iStockphoto



Source link

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here