Over half of cybersecurity professionals are reporting misalignment between them and the rest of the business when it comes to the cloud and security issues, according to new research by Palo Alto Networks.
Across Europe and the Middle East, 70% of respondents to the survey said that a rush to the cloud is leaving companies open to security risks. With 96% of organizations looking to move to the cloud in the next 12 to 24 months (The Truth in Cloud, Veritas Technologies), cybersecurity professionals are feeling under-consulted on cloud security and believe they should have more control.
Cybersecurity has roots in IT security, where all drivers for technology security were information-driven, according to Gartner. However, the analyst firm also noted that digital business has transformed the approach to security to consider the impact of cyber-functions on physical state changes, and vice versa.
Asset-centric industries such as manufacturing, energy, utilities, healthcare and transportation also incorporate technology directly into their real-time production and operational processes. Even information-centric organizations such as banks, insurance companies and legal firms use modern digital technologies and processes in digital business initiatives.
“The adoption of the cloud is driven by the desire for more agile, innovative digital operations that cybersecurity needs to emulate," said Greg Day, vice-president and regional chief security officer for EMEA, Palo Alto Networks. "This is vital as cybersecurity professionals can often find it tough to keep pace and may fear the rest of the organization wrongly believes cybersecurity is an obstacle when, actually, it can help realize cloud ambitions.
"For cybersecurity to be as agile as business demands, today’s cybersecurity leadership needs to maintain firm and consistent control over cybersecurity across all environments, including cloud and multi-cloud.”
However, Mike Turner, CISO, Capgemini, argued that the C-Suite needs to lead the charge in aligning the business: “CISOs have been traditionally employed to ensure that the IT estate is secure and that the technologies chosen by the CIO meet the security requirements of the business.
“However, as security risks increasingly make their way onto the CEO radar, CISOs must be ready to respond in C-suite language and use their unique perspective to drive change that creates real business value.”