A new survey of UK security practitioners by Exabeam shows a marked increase in the adoption of cloud-based security tools compared to an earlier study carried out in March prior to the COVID-19 lockdown. The latest data shows 88% of recent respondents said the accelerated move to the cloud was driven by the need to support a remote workforce. The survey tracks the adoption and use of cloud-based security tools.
Among the concerns of moving security products to the cloud, data privacy and data sovereignty top the list, at 56% and 41% respectively. Around a third (31%) are concerned about unauthorised access. However, this latest study shows that almost half of the organisations questioned (44%) are now using cloud-based security products to protect corporate financial information. This represents a dramatic increase – potentially out of necessity during the lockdown period – from Exabeam’s earlier study where only 12% were protecting corporate financial information in this way.
Despite this increased adoption of cloud-based security tools, 86% still consider the move to be risky with 47% considering it to be ‘high risk.’ These concerns are in stark contrast to 87% of respondents who consider themselves to be ‘well-equipped’ to orchestrate cloud-based migration.
Given that event visibility must extend into every virtual cloud and cloud service used by an organisation, a positive finding in the report is that 79% have either good or very good visibility into their cloud applications. With the pandemic driving the shift to a remote workforce, 84% of organisations have significantly improved efforts to ensure better visibility into cloud-based applications. Just over one quarter of those questioned, 26%, believe they have ‘very good visibility’ into cloud-based applications.
The survey results support the benefits of moving to a cloud-based model including minimised resources and overhead, enabling security analysts to complete tasks faster and freeing engineers up to focus on other projects. Improvements in monitoring and tracking of attacks (21%) and access to latest features (20%) are considered the most important gains from using cloud-based security tools. Faster time to value (15%), less maintenance (13%) and less CAPEX (13%) are drivers for cloud adoption, but considered less important.
Other findings include:
- 90% of organisations agree they introduced cloud-based security products at the right time for the business
- In addition to corporate financial information (44%), cloud-based security tools are most commonly used to protect customer information (50%), file sharing (48%) and email (38%)
- Other areas of concern related to cloud-based security tools include integration with other tools (31%) and service outages (29%)
- When deploying cloud-based security solutions, respondents were split between migrating the legacy-based products currently being used (44%) or replacing with cloud-native security tools (42%)
“The momentum towards the adoption of security tools in the cloud has been building for some time. The sudden and – for many – unexpected move to remote working in March opened up the throttle for cloud-based security solutions as organisations had to migrate critical business data to the cloud almost overnight,” says Samantha Humphries, security strategist at Exabeam. “This survey reflects what we are seeing and hearing from our customers. The appetite and intent to move to the cloud exists, and many are now reaping the benefits. Largely as a result of COVID-19, organisations that had adopted a ‘wait and see’ approach have had no choice but to climb aboard the cloud bus, regardless of their concerns.”
The survey was carried out by Censuswide. It questioned 131 UK-based IT security professionals aged 18+, between 9th and 11th June 2020.
Exabeam, which describes itself as the Smarter SIEM company, aims to help security operations and insider threat teams work smarter, allowing them to detect, investigate and respond to cyberattacks in 51% less time.
Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow
