Detecting and responding to cloud security incidents is IT professionals’ top cyber security challenge.
In a recent survey of 450 global IT professionals conducted by Oracle (NYSE: ORCL) and KPMG LLP, results show that organizations are struggling to protect their data amidst a growing number of security breaches. The Oracle and KPMG Cloud Threat Report, 2018 found that 90 percent of information security professionals classify more than half of their cloud data as sensitive. Furthermore, 97 percent have defined cloud-approval policies, however, the vast majority (82 percent) noted they are concerned about employees following these policies.
For enterprises storing sensitive data in the cloud, an enhanced security strategy is key to monitoring and protecting that data. In fact, 40 percent of respondents indicate that detecting and responding to cloud security incidents is now their top cyber security challenge. As part of apparent efforts to address this challenge, four in 10 companies have hired dedicated cloud security architects, while 84 percent are committed to using more automation to effectively defend against sophisticated attackers.
“As organizations expand their cloud footprint, traditional security measures are unable to keep up with the rapid growth of users, applications, data, and infrastructure,” said Akshay Bhargava, vice president, Cloud Business Group, Oracle. “Autonomous security is critical when adopting more cloud services to easily deploy and manage integrated policies that span hybrid and multi-cloud environments. By using machine learning, artificial intelligence and orchestration, organizations can more quickly detect and respond to security threats, and protect their assets.”
“The pace of innovation and change in business strategies today necessitate flexible, cost-effective, cloud-based solutions,” said Tony Buffomante, U.S. Leader of KPMG LLP’s Cyber Security Services. “As many organizations migrate to cloud services, it is critical that their business and security objectives align, and that they establish rigorous controls of their own, versus solely relying on the cyber security measures provided by the cloud vendor.”
Additional Key Findings:
• Changing threat landscape poses challenges: Only 14 percent surveyed are able to effectively analyze and respond to the vast majority (75-100 percent) of their security event data.
• Cyber security spending on the rise: 89 percent surveyed expect their organization to increase cyber security investments in the next fiscal year.
• Inconsistency in cloud policies: 26 percent cited a lack of unified policies across disparate infrastructure as a top challenge.
• Rethinking cloud strategies and providers in the face of changing regulations: General Data Protection Regulation (GDPR) will impact cloud strategies and service provider choices, according to 95 percent of respondents who must comply.
• Mobile users are creating identity and access management (IAM) challenges for organizations: 36 percent said mobile device and application use make IAM controls and monitoring more difficult.
• Automation can help: 29 percent surveyed are using machine learning on a limited basis, 18 percent do so extensively, and another 24 percent are now adding machine learning to existing security tools.
To find out more about the Oracle and KPMG Cloud Threat Report, 2018, visit Oracle at the RSA Conference, April 16-20 in San Francisco. (Booth #1115 – Moscone South)
About the Report
The data in the Oracle and KPMG Cloud Threat Report, 2018 is based on a survey of 450 cyber security and IT professionals from private and public-sector organizations in North America (United States and Canada), Western Europe (United Kingdom), and Asia (Australia, Singapore).
• Download the Oracle and KPMG Cloud Threat Report
• Learn more about Oracle Cloud Security
• Learn more about KPMG Cyber Security Services
• Connect with Oracle Cloud Security on Twitter, Facebook and via Oracle Cloud Security Blog
• Connect with KPMG on Twitter and LinkedIn
The Oracle Cloud offers complete SaaS application suites for ERP, HCM and CX, plus best-in-class database Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) from data centers throughout the Americas, Europe and Asia. For more information about Oracle (NYSE:ORCL), please visit us at www.oracle.com.
KPMG LLP, the audit, tax and advisory firm (www.kpmg.com/us), is the independent U.S. member firm of KPMG International Cooperative ("KPMG International"). KPMG International’s independent member firms have 197,000 professionals working in 154 countries. KPMG International has been named a Leader in the Forrester Research Inc. report, The Forrester Wave™ Information Security Consulting Services Q3 2017. Learn more at www.kpmg.com/us. Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Michael Rudnick/Kristen Morgan
firstname.lastname@example.org / email@example.com