Nearly Half of UK IT Leaders Have Not Upgraded to Cloud Security

Nearly half (47%) of UK IT leaders have not updated their security strategies to account for their move to cloud environments, putting their organizations at higher risk of cyber-attack, according to a new study by Trend Micro commissioned for CLOUDSEC Online.

This is despite the fact that traditional on-premises security such as firewalls, network intrusion prevention systems (IPS/IDS) and anti-virus are unsuitable for cloud environments as they tend to create performance bottlenecks and security gaps.

Yet the survey showed that many IT leaders are keen for a single platform to provide cloud and on-premises security, with lack of integration between the two types of tooling cited by 43% of respondents as the biggest barrier to the adoption of cloud security. Additionally, 33% stated that this integration issue was their biggest day-to-day operational headache.

Over half (55%) also expressed a desire for third-party security providers to integrate with multiple platform and application vendors, while 54% want a security vendor “aligned” to their cloud journey.

The report noted that security vendor integration is becoming more important as organizations increasingly shift to multi-cloud environments.

Bharat Mistry, principal security strategist at Trend Micro, commented: “This is particularly concerning as 23% of organizations explained that they’ve already moved partly or fully to a DevOps model in order to drive digital transformation. Container, serverless and other emerging technologies require specially designed security capabilities delivered as application program interfaces (APIs) in order to provide appropriate protection without interrupting development pipelines.”

Earlier this month, the 2020 Cloud Security Report revealed that configuration errors are the number one threat to cloud security in the view of industry professionals, with multiple barriers to the further adoption of cloud services outlined by those surveyed.

What’s Hot on Infosecurity Magazine?