20% of Organizations Experience Public Cloud Infrastructure Attacks
Lack of adequate visibility and control are among the primary cloud challenges for today’s organizations, according to a survey of 1,400 IT decision-makers conducted by McAfee.
Key findings from McAfee’s annual “Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security” report included:
- 83 percent of IT professionals store sensitive information in the cloud, and 69 percent trust the public cloud to keep their sensitive data secure.
- 56 percent have tracked a malware infection back to a cloud application.
- 25 percent said they experienced cloud malware infections caused by phishing.
- 25 percent have experienced data theft from the public cloud.
- 20 percent have experienced an advanced attack against their public cloud infrastructure.
On average, IT professionals allocate 27 percent of their security budget to cloud security, the report indicated. This figure is estimated to reach 37 percent in 12 months.
Cybersecurity Skills Shortage Is Decreasing
The shortage of cybersecurity skills related to cloud adoption is decreasing, McAfee noted in its report.
Forty percent of IT professionals said they have slowed their cloud adoption as a result of a cybersecurity skills shortage, down from 49 percent last year, according to the report.
Conversely, the number of organizations with a cloud-first strategy was 65 percent this year, down from 82 percent in 2017, the report showed. Yet most IT professionals with a cloud-first strategy believe public cloud environments are safer than private cloud options.
Cloud visibility enables an organization to leverage cloud applications, respond to security threats and reduce its operating expenses, McAfee stated. Although organizations want as much cloud visibility as possibility, they often struggle to effectively monitor their cloud environments and optimize their cloud security.
Secure Cloud Adoption Best Practices
McAfee offered three recommendations to help organizations ensure secure cloud adoption:
- Eliminate siloed security teams. Organizations should incorporate consistent development, quality assurance and security processes across all departments.
- Use automation and management tools. Automation and management tools like Chef, Puppet and Ansible can be used in both public and private cloud environments and help organizations modernize their IT operations.
- Leverage a unified security solution. A unified security solution with an open integration fabric helps an organization reduce the complexity commonly associated with managing multiple clouds.
Cloud visibility should be a top priority for IT professionals, McAfee said. If IT professionals can see everything that is happening in their cloud environments, they can quickly address malware, ransomware and other vulnerabilities.
Meta Description: Most IT professionals have tracked a malware infection back to a cloud application, a survey conducted by cybersecurity solutions provider McAfee shows.