While private and hybrid cloud services have garnered significant attention recently, the public cloud services market isn’t slowing down. As noted by Help Net Security, research firm Gartner predicted 17.2 percent growth this year in this market to reach $208.6 billion, thanks in large part to substantial spending on infrastructure-as-a-service (IaaS) and software-as-a-service (SaaS).

The biggest factor contributing to solid public cloud adoption, however, is solid savings. An organization can save up to 14 percent of its budget by leveraging public cloud offerings. But this adoption doesn’t happen in a vacuum. What does increased public consumption mean for corporate security risk?

Savings and Simplicity Drive Cloud Adoption

So what’s driving the public cloud services market? As noted by InfoWorld, part of the push comes from demand for powerful, high-performance computing (HPC) solutions that just aren’t fiscally or physically possible for companies to build out on-site. Public alternatives, meanwhile, supply both ease of access and significantly lowered costs, providing an easy path for low-risk cloud adoption.

According to ZDNet, line-of-business (LOB) objectives are also well-served by public clouds. For example, public cloud adoption offers companies the ability to innovate using a host of SaaS products rather than developing their own apps in-house.

What’s more, offloading repetitive IT tasks to autonomous cloud services enables IT departments and CISOs to shift from reporting and firefighting to full-on business change, helping to drive improvements in data mining, analytics and customer service.

Living With Security Limitations

In light of these public cloud benefits, it’s easy for companies to gloss over security issues in a rush to match industry momentum. As noted by The National Law Review, however, security concerns remain the top barrier to cloud adoption. Companies are still worried about misuse of employee credentials, hijacked accounts and insecure interfaces or APIs.

These concerns may be justified. Virtualization Review pointed out that since tech advancements such as IPv6 provide publicly addressable IPs to “everything behind the network’s edge,” the kind of edge-driven security public cloud providers offer may be inadequate.

Embracing the Public Cloud Services Market

Security professionals should embrace the public cloud services market for what it offers while acknowledging its limitations. Companies may need to deploy niche security solutions, such as next-generation firewalls or intelligent endpoint protection, while leveraging the secure-by-default mandate of public clouds.

However, by embracing the ideal qualities of public clouds — notably, software delivery and resource scaling — it’s possible to provide local IT professionals the breathing room they need to address large-scale security issues that emerge as a result of cloud adoption.

In other words, going public is a big-picture effort. Automation and access provide the foundation for an improved IT focus on companywide security.

More from

Security Awareness Training 101: Which Employees Need It?

4 min read - To understand why you need cybersecurity awareness training, you must first understand employees' outsized roles in security breaches. “People remain — by far — the weakest link in an organization’s cybersecurity defenses,” noted Verizon on the release of their 2022 Data Breach Investigations Report (DBIR). They elaborate that 25% of all breaches covered in the report were the result of social engineering attacks, and when you add human errors and misuse of privilege, the human element accounts for 82% of…

4 min read

Beyond Requirements: Tapping the Business Potential of Data Governance and Security

3 min read - Doom and gloom. Fear, uncertainty and doubt. The "stick" versus the "carrot". What do these concepts have in common? They have often provided the primary motivation for organizations’ data governance and security strategies. For the enterprise, this mindset has perpetuated the idea that data governance, data security and data privacy are reactive cost centers existing due to externally imposed requirements or mandates. Yet, what if data governance and security practices could upend the prevailing paradigm and demonstrate direct business value?…

3 min read

Protecting Against Remote Monitoring and Management Phishing

3 min read - You use remote monitoring and management (RMM) software to closely monitor your cyber environment and keep your organization safe. But now cyber criminals are specifically targeting these tools, causing legitimate software to become a vulnerability. This is the latest type of attack in an increase in a recent trend of disruptive software supply chain attacks. The Cybersecurity and Infrastructure Security Agency (CISA) recently released an alert about the malicious use of legitimate remote monitoring and management (RMM) software. Last fall,…

3 min read

Secure-by-Design: Which Comes First, Code or Security?

4 min read - For years, developers and IT security teams have been at loggerheads. While developers feel security slows progress, security teams assert that developers sacrifice security priorities in their quest to accelerate production. This disconnect results in flawed software that is vulnerable to attack. While advocates for speed and security clash, consumers must often pay the price when threat actors strike. 48% of developers admitted they were still shipping code with vulnerabilities in 2022. It’s clearly time for a change. Many believe…

4 min read