Cloud computing ranks as the top risk concern for executives in risk, audit, finance and compliance, according to the latest survey by Gartner, Inc. While cloud computing presents organisations with novel opportunities, a number of new risks — including cybersecurity disclosure and General Data Protection Regulation (GDPR) compliance — make cloud solutions susceptible to unexpected security threats.
In Gartner’s latest quarterly Emerging Risks Report, 110 senior executives in risk, audit, finance and compliance at large global organisations identified cloud computing as the top concern for the second consecutive quarter. Additional information security risks, such as cybersecurity disclosure and GDPR compliance, ranked among the top five concerns of the executives surveyed.
The top two fast-moving, high-impact risks — those which have the ability to cripple an organisation quickly — are also related to information security threats. Social engineering and GDPR compliance were cited as most likely to cause the greatest enterprise damage if not adequately addressed by risk management leaders, according to Gartner. However, only 18% of the cross-functional executives surveyed currently considered social engineering to be a significant enterprise risk.
Executives should expect cybersecurity threats to affect organisations in unpredictable ways. Through 2022, at least 95% of cloud security failures will be the fault of the organisation, according to Gartner. As more sophisticated tactics such as social engineering are engineered to compromise sensitive data, organisations should expand their cybersecurity team to address evolving digital risks.
“Executives are right to expand cloud services as part of their digital business initiatives, but they need to ensure their cloud security strategy keeps up with this growth,” said Matthew Shinkman, practice leader at Gartner. “Leaders should start by clearly identifying their most at-risk areas, which remain obscure to many large organisation leaders.”
Increased adoption brings new risks
Gartner forecasts cloud computing to be a $300 billion (€259.12 billion) business by 2021, as companies increasingly adopt cloud services to realise their desired digital business outcomes. Through the use of cloud services, cloud computing provides the speed and agility that digital business requires. Adopting the cloud can also result in significant cost savings and generate new sources of revenue.
Results from Gartner’s Emerging Risks Report, however, reveal that companies continue to struggle with security. Despite record spending on information security in the last two years, organisations have lost an estimated $400 billion (€345.49 billion) to cyber theft and fraud worldwide. As cybersecurity events and data breaches increase, it is imperative that organisations elevate IT security to a board-level topic and an essential part of any solid digital business growth strategy.
“Executives should promote risk awareness throughout the organisation,” Mr. Shinkman stated. “A strong risk culture helps employees make the right decisions and mitigates poor outcomes.”
More detailed analysis is available to Gartner clients in the full report “2Q 2018 Emerging Risks Report and Monitor.”