• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » Security » Report shows IT professionals are dismayed by today’s security standards

Report shows IT professionals are dismayed by today’s security standards

by Adi Gaskell
25 August 2020
in Security
0
Human hand pointing at touchscreen with business document with graphs
32
SHARES

The third-annual Cloud Threat Report from tech giant Oracle and consulting firm KPMG reminds us that even in these disruptive times, some issues remain perennially vexing.

The Covid-19 pandemic has introduced a huge amount of disruption into the lives of IT professionals as they strive to rapidly adapt to changes in working at the same time as trying to ensure these new processes are secure. 

“Today’s businesses are embarking on sweeping digital transformation initiatives to fundamentally retool business models through the strategic use of digital technologies such as cloud services, mobile applications, and data analytics,” the Cloud Threat Report says. “The broad adoption of cloud applications is helping support a surge in remote workers while also creating new opportunities for cybercriminals to conduct cyber fraud.”

The study saw 750 senior IT and cybersecurity professionals from around the world quizzed to understand their concerns and priorities for the year ahead.

The data reveals a somewhat patchwork approach to data security, riddled with misconfigured services and a general sense of confusion around the security models involved in new cloud services. Collectively, this has resulted in a crisis of confidence in the profession that the respondents believe will only be resolved when organizations make security a central part of how they do business.

Data security is a major worry

The scale of the challenge facing the sector was underlined by the fact that, for many IT professionals, they’re roughly three times more concerned about the security of their company’s financial and intellectual property data than they are for the security of their own home.

There is confidence that the new suite of tools are helping, however, with 75% of respondents saying that public cloud servers were more secure than their own data centers, although there was widespread concern about the state of progress in migrating to the cloud, with nearly all respondents doubting the readiness of their organization.

Various high profile data breaches at other firms have, at least, focused the attention of executives regarding the importance of security, with around 80% of respondents saying these breaches have helped to make the case for stronger cybersecurity measures.

A patchwork of tools

A lack of coordination within organizations had also created problems, with respondents reporting a patchwork of cybersecurity products being used to defend organizational data and systems. These tools are seldom configured correctly, and getting them to work effectively together is an ongoing challenge.

Indeed, over 75% of respondents said that their organization was using over 50 cybersecurity products, with 37% of organizations having over 100 in operation.

This presents clear challenges with regards to maintaining defenses, with the misconfiguration of cloud services strongly linked to an increase in data loss incidents. These misconfigurations cover a huge range of topics, but the most common were over-privileged accounts and a lack of multi-factor authentication to key services.

“The lift-and-shift of critical information to the cloud over the last couple of years has shown great promise, but the patchwork of security tools and processes has led to a steady cadence of costly misconfigurations and data leaks. Positive progress is being made, though,” said Steve Daheb, Senior Vice President, Oracle Cloud. “Adopting tools that leverage intelligent automation to help close the skills gap are on the IT spend roadmap for the immediate future and the C-level is methodically unifying the different lines of business with a security-first culture in mind.”

Who is in charge?

The confusion caused by the huge array of security products in use has created notable blind spots as cloud service providers and in-house IT teams struggle to coordinate activities and assume mutual responsibility for security. It’s led to considerable confusion, with just 8% of security staff saying they fully get how the shared responsibility model is working in their organization.

What’s more, the number of tools required to ensure security is maintained is also causing consternation, with around 70% of respondents saying they thought that too many tools were required to secure their cloud infrastructure. 

This has led to the majority of respondents saying their organization had experienced data losses from their cloud service on multiple occasions.

The authors suggest that the only way for this challenge to be resolved is for security to sit at the heart of everything organizations do. This doesn’t just include core processes, but recruitment and training of the right talent needed to stay secure. For instance, the majority of security staff regard AI as crucial in maintaining cybersecurity, but worry that a lack of skills within the organization could be holding them back.

“In response to the current challenging environment, companies have accelerated the movement of workloads, and associated sensitive data, to the cloud to support a new way of working, and to help optimize cost models. This is exposing existing vulnerabilities and creating new risks,” said Tony Buffomante, Global Co-Leader and U.S. Leader of KPMG LLP’s Cyber Security Services. “To be able to manage that increased threat level in this new reality, it is essential that CISOs build security into the design of cloud migration and implementation strategies, staying in regular communication with the business.”

Share32TweetShareShare

Related Posts

Telegram app on mobile

Watch out: there’s a new Telegram scam about

15 January 2021
Nohow International leaks sensitive worker data

12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency

14 January 2021
Email icon on laptop screen

How phishing attacks are evolving and why you should care

14 January 2021
Ransom message on laptop screen

Why ransomware attacks will explode in 2021

12 January 2021
Next Post
Neon version of Google's logo

Exposed FCM keys leaves billions of users open to mass spam and phishing notifications

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    81962 shares
    Share 81952 Tweet 0
  • Tutanota vs. ProtonMail: which is the better secure email service?

    0 shares
    Share 0 Tweet 0
  • 1 million highly sensitive NSFW pictures leaked by Korean teen dating app

    59 shares
    Share 59 Tweet 0
  • Bitwarden Review

    0 shares
    Share 0 Tweet 0
  • The ultimate guide to safe and anonymous online payment methods in 2021

    13 shares
    Share 13 Tweet 0
NSFW: tech support workers share their oddest job experiences

NSFW: tech support workers share their oddest job experiences

15 January 2021
This fake TikTok service promises free followers but gives you free malware instead

This fake TikTok service promises free followers but gives you free malware instead

15 January 2021

These researchers create mouth-watering (but fake) pizza images. Why?

15 January 2021
Telegram app on mobile

Watch out: there’s a new Telegram scam about

15 January 2021
Samsung launches new flagship Galaxy S smartphone early, targets remote workers, gamers

Samsung launches new flagship Galaxy S smartphone early, targets remote workers, gamers

15 January 2021
An unintended consequence: can deepfakes kill video evidence?

An unintended consequence: can deepfakes kill video evidence?

14 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • In the News
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!