August 18, 2016 By Douglas Bonderud 2 min read

Ask companies about the biggest downside to adopting public cloud computing and the same answer comes up over and over: security. Despite over a decade of cloud advancement and the rise of niche solutions such as security-as-a-service, IT professionals and C-suite members alike are still reluctant to fully embrace public alternatives.

According to ZDNet, however, a recent survey discovered that attitudes may finally be changing. Fifty-one percent of respondents said cloud security was better than on local stacks, and 58 percent argued that public options are the “most secure.” Yet over half still said concerns about data security prevented earlier cloud adoption. What will it take for clouds to finally get the all-clear?

A Shift Is Underway

Cloud adoption is on the rise, noted CloudTech, with 50 percent of those surveyed saying they plan to bump up public usage by 25 percent in the next three years and another one-quarter of respondents planning for a 50 percent usage increase over the same time period.

There is a shift underway, since “all signs point to public cloud adoption growing and enterprise IT becoming more comfortable with the prospect of running their most sensitive data on public cloud infrastructure,” according to Tony Safolan, president of SADA Systems, the organization that conducted the new study. Nonetheless, data security is a consistent touchpoint for all IT pros considering a move to the cloud.

Fact Versus Feeling

So where’s the disconnect? It comes down to fact versus feeling. As noted by InfoWorld, cloud providers understand that a single data breach or security incident could sink their brand and their business. As a result, they spend big money and invest substantial time to develop secure server architecture and ensure data is encrypted, isolated and effectively unassailable — even in the event of government warrants.

What’s more, the centralized model of public clouds makes it possible to quickly deploy patches or hotfixes. Cloud providers are typically on the leading edge of security tech, since it’s a make-or-break investment for their product.

There’s little doubt that public services are, in fact, more secure than on-premises options. But the feeling of moving data off-site and the worry that comes with it still makes IT professionals uneasy. Companies invest, but they’re not always comfortable.

Securing the Public Cloud

Despite their unease, IT professionals now recognize the benefits of shared computing architecture for both sheer computing power and data security. As a result, public cloud spending is on the rise.

But that doesn’t mean the quest to improve cloud security is over. In fact, the opposite is true: Public services are now high-value targets for cybercriminals looking to steal keys to the digital kingdom and swipe corporate data. As a result, both local IT professionals and cloud providers have a vested interest when it comes to locking down the cloud and ensuring new threats can’t gain a foothold.

For example, next-gen endpoint firewalls and unified threat management (UTM) solutions are rapidly becoming commonplace. Under new shared responsibility models, providers work alongside local professionals to discover new security threats and implement controls — such as context-based detection methods and identity-based access approaches — in an effort to improve total cloud security.

Cloud adoption is up, but cloud comfort hasn’t quite caught up. As IT professionals experience cloud protection firsthand and become an integral part of the security discussion, however, expect feelings to align more closely with public cloud facts.

More from

Regulatory harmonization in OT-critical infrastructure faces hurdles

3 min read - In an effort to enhance cyber resilience across critical infrastructure, the Office of the National Cyber Director (ONCD) has recently released a summary of feedback from its 2023 Cybersecurity Regulatory Harmonization Request for Information (RFI). The responses reveal major concerns from critical infrastructure industries related to operational technology (OT), such as energy, transport and manufacturing. Their worries include the current fragmented regulatory landscape and difficulty adapting to new cyber regulations. The frustration appears to be unanimous. Meanwhile, the magnitude of…

Generative AI security requires a solid framework

4 min read - How many companies intentionally refuse to use AI to get their work done faster and more efficiently? Probably none: the advantages of AI are too great to deny.The benefits AI models offer to organizations are undeniable, especially for optimizing critical operations and outputs. However, generative AI also comes with risk. According to the IBM Institute for Business Value, 96% of executives say adopting generative AI makes a security breach likely in their organization within the next three years.CISA Director Jen…

Q&A with Valentina Palmiotti, aka chompie

4 min read - The Pwn2Own computer hacking contest has been around since 2007, and during that time, there has never been a female to score a full win — until now.This milestone was reached at Pwn2Own 2024 in Vancouver, where two women, Valentina Palmiotti and Emma Kirkpatrick, each secured full wins by exploiting kernel vulnerabilities in Microsoft Windows 11. Prior to this year, only Amy Burnett and Alisa Esage had competed in the contest's 17-year history, with Esage achieving a partial win in…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today