September 20, 2016 By Douglas Bonderud 2 min read

While private and hybrid cloud services have garnered significant attention recently, the public cloud services market isn’t slowing down. As noted by Help Net Security, research firm Gartner predicted 17.2 percent growth this year in this market to reach $208.6 billion, thanks in large part to substantial spending on infrastructure-as-a-service (IaaS) and software-as-a-service (SaaS).

The biggest factor contributing to solid public cloud adoption, however, is solid savings. An organization can save up to 14 percent of its budget by leveraging public cloud offerings. But this adoption doesn’t happen in a vacuum. What does increased public consumption mean for corporate security risk?

Savings and Simplicity Drive Cloud Adoption

So what’s driving the public cloud services market? As noted by InfoWorld, part of the push comes from demand for powerful, high-performance computing (HPC) solutions that just aren’t fiscally or physically possible for companies to build out on-site. Public alternatives, meanwhile, supply both ease of access and significantly lowered costs, providing an easy path for low-risk cloud adoption.

According to ZDNet, line-of-business (LOB) objectives are also well-served by public clouds. For example, public cloud adoption offers companies the ability to innovate using a host of SaaS products rather than developing their own apps in-house.

What’s more, offloading repetitive IT tasks to autonomous cloud services enables IT departments and CISOs to shift from reporting and firefighting to full-on business change, helping to drive improvements in data mining, analytics and customer service.

Living With Security Limitations

In light of these public cloud benefits, it’s easy for companies to gloss over security issues in a rush to match industry momentum. As noted by The National Law Review, however, security concerns remain the top barrier to cloud adoption. Companies are still worried about misuse of employee credentials, hijacked accounts and insecure interfaces or APIs.

These concerns may be justified. Virtualization Review pointed out that since tech advancements such as IPv6 provide publicly addressable IPs to “everything behind the network’s edge,” the kind of edge-driven security public cloud providers offer may be inadequate.

Embracing the Public Cloud Services Market

Security professionals should embrace the public cloud services market for what it offers while acknowledging its limitations. Companies may need to deploy niche security solutions, such as next-generation firewalls or intelligent endpoint protection, while leveraging the secure-by-default mandate of public clouds.

However, by embracing the ideal qualities of public clouds — notably, software delivery and resource scaling — it’s possible to provide local IT professionals the breathing room they need to address large-scale security issues that emerge as a result of cloud adoption.

In other words, going public is a big-picture effort. Automation and access provide the foundation for an improved IT focus on companywide security.

More from

Working in the security clearance world: How security clearances impact jobs

2 min read - We recently published an article about the importance of security clearances for roles across various sectors, particularly those associated with national security and defense.But obtaining a clearance is only part of the journey. Maintaining and potentially expanding your clearance over time requires continued diligence and adherence to stringent guidelines.This brief explainer discusses the duration of security clearances, the recurring processes involved in maintaining them and possibilities for expansion, as well as the economic benefits of these credentialed positions.Duration of security…

White House cements CISA’s role as national coordinator for cybersecurity

2 min read - In 2013, the Obama Administration rolled out "The Presidential Policy Directive (PPD) on Critical Infrastructure Security and Resilience", a forerunner to the Cybersecurity and Infrastructure Security Agency (CISA), created "to strengthen and maintain secure, functioning and resilient critical infrastructure."The directive was groundbreaking in 2013, noting the importance of the rising risk of cyberattacks against critical infrastructure. But as cyber risks are constantly shifting, every cybersecurity program needs to be re-evaluated, and CISA is no exception. That’s why, in April 2024, President…

How a new wave of deepfake-driven cybercrime targets businesses

5 min read - As deepfake attacks on businesses dominate news headlines, detection experts are gathering valuable insights into how these attacks came into being and the vulnerabilities they exploit.Between 2023 and 2024, frequent phishing and social engineering campaigns led to account hijacking and theft of assets and data, identity theft, and reputational damage to businesses across industries.Call centers of major banks and financial institutions are now overwhelmed by an onslaught of deepfake calls using voice cloning technology in efforts to break into customer…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today