Local organisations are overwhelmingly confident in the security of their cloud providers but around half have doubts about their own ability to secure data, as is required under the Shared Responsibility Model for cloud.
That is according to Trend Micro, which polled 2,565 decision makers in 28 countries for a recent security survey.
The cybersecurity company says the poll showed while the pandemic has accelerated the digital transformations of 81 per cent of ANZ businesses it may have also left many insecure.
While cloud infrastructure is secure, Trend Micro says, customers are responsible for securing their own data – which is the basis of the Shared Responsibility Model for cloud.
Nearly all (86 per cent) of ANZ respondents said they are confident they understand their cloud security responsibility, but 99 per cent also believe their cloud service provider (CSP) offers sufficient data protection.
Of those surveyed, less than half (47 per cent) can say they are ‘very’ confident in securing their organisation’s part of the cloud-based responsibility model. This suggests that there may be significant coverage gaps and confirms that the shared responsibility is not understood.
“It’s evident organisations in Australia and New Zealand are embracing digital transformation and adopting the cloud at an accelerated rate,” said Ashley Watkins, vice president, commercial, ANZ. “While this progression is great to see, our findings indicate there is a clear disconnect in the understanding of the cloud shared responsibility model which could result in exposure to reputational and financial damage.
The surveyed ANZ organisations seem to be confident in their cybersecurity posture in the cloud, as:
- 40 per cent claim the acceleration in cloud migration has increased their focus on security best practices
- 85 per cent believe they are fully or mostly in control of securing their remote work environment
- 82 per cent believe they will be fully or mostly in control of securing their future hybrid workplace.
Despite this confidence, many respondents in A/NZ also admitted to experiencing security related challenges:
- 55 per cent said that security is a “very significant” or “significant” barrier to cloud adoption
- Patching (41 per cent), setting consistent policies (39 per cent), and lack of integration with on-premise security technologies (36 per cent) were cited as the top three day-to-day operational headaches of protecting cloud workloads
- Lack of integration with on-premises security technologies (43 per cent), data privacy (38 per cent) and compliance (28 per cent) was reported as significant barriers in migrating to cloud-based security tools.