Security News > 2021 > April > Complexity and budgetary constraints complicate cloud security

While spending on cloud services is high, with more than half of respondents having spent more than $10 million and 11% having spent more than $100 million in the last three years, security preparedness is low, with 32% saying they are doing less than they need to, or nothing at all, to ensure security of their cloud resources, an Osterman Research survey reveals.

"Despite being aware of serious shortcomings in public cloud security tools and the rise of cloud-focused vulnerability exploits, 32% of those surveyed are not actively working to solve these challenges," said Mike Osterman, President and Principal Analyst, Osterman Research.

"This is the result of several issues, not least of which is the fact that many organizations are under-resourced, poorly trained and budget-constrained, which results in the inability to address all of their vulnerabilities and risks. Even for those that do have budget available, poor risk decisions can further complicate cloud security."

Regarding the reasons they occur, 53% cited the complexity of their cloud environments, followed by lack of education and training, too few IT and security staff members and unexplained human error.

Overprivileged identities: Identities with significantly more privileges and access than are required to carry out the duties assigned to them introduces a significant risk to the cloud.

Unauthorized access: Due to the complex nature of cloud environments, having visibility into which identities have access to data and resources is increasingly difficult.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/PpfqRXK8ywU/