Companies Lack Capabilities to Secure Cloud Infrastructure: Report

Most of the organizations that spend at least $1 million each year on cloud infrastructure are operating at the lowest level of cloud security maturity, a report finds.

Nathan Eddy, Contributor

October 25, 2022

2 Min Read
drawing business and 3d laptop. Cloud computing concept. Isolated on white background
Zoonar GmbH / Alamy Stock Photo

Businesses lack dedicated security teams focused specifically on protecting cloud resources from threats, and most organizations are in an entry-level phase in terms of their overall cloud security capabilities.

These were among the findings of an Osterman Research survey, sponsored by cloud infrastructure security company Ermetic, of 326 organizations in North America with 500 or more employees and that spend a minimum of $1 million or more each year on cloud infrastructure.

The study found that 56% of organizations are spending at least $10 million each year on cloud infrastructure, but 80% of organizations do not have a dedicated cloud security team or leader to secure its cloud infrastructure.

"Protecting cloud resources is a unique skill set in comparison to legacy IT security. Legacy skill sets, mindsets, and certifications have not kept pace with the security demands of our cloud-native environments."

— Jasmine Henry, field security director, JupiterOne

Moreover, only 5% of survey respondents currently meet the standards of the highest level —Automated & Integrated — of Ermetic's cloud security maturity model, which defines the key guidelines for a comprehensive security strategy, while 93% of large organizations are only at the low levels of cloud security maturity.

Related:Amazon to Create a Cloud Infrastructure Region in Western Canada

More than half (57%) of organizations adopting a multicloud strategy said they are

operating at the lowest level of cloud security maturity.

Related: The State of Cloud Security

The survey indicated that with each additional cloud, maturity of cloud security practices seems to get increasingly stuck at the "ad hoc" level.

Why Dedicated Cloud Security Team Is a Must to Secure Cloud Infrastructure

A dedicated security team is crucial for protecting cloud resources and services, since hundreds of services need to be protected and each service is a potential attack surface for hackers, according to Igal Gofman, head of research for Ermetic.

"Access management around resources is a complex task and requires deep knowledge of each vendor's access model," he said.

Gofman pointed out that cloud services can be easily accessed from anywhere and are an easy target for attackers since many have excessive permissions.

Please continue reading on our sister site ITPro Today.

About the Author(s)

Nathan Eddy

Nathan Eddy

Contributor

Nathan Eddy is a freelance writer for ITProToday and covers various IT trends and topics across wide variety of industries. A graduate of Northwestern University’s Medill School of Journalism, he is also a documentary filmmaker specializing in architecture and urban planning. He currently lives in Berlin, Germany.

See more from Nathan Eddy
Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

US city in a heat wave
Outages
How Heat Waves and AI Challenges Are Piling Pressure on Data CentersHow Heat Waves and AI Challenges Are Piling Pressure on Data Centers
byNathan Eddy
Jul 24, 2024
6 Min Read
Data Center Environmental Product Declarations (EPDs) will help the industry improve its sustainability profile.
Green Materials
Data Center Industry Calls for Environmental ‘Nutrition Labels’ to Cut Carbon EmissionsData Center Industry Calls for Environmental ‘Nutrition Labels’ to Cut Carbon Emissions
byJames Walker, Dayneé Alejandra Rosales
Jul 17, 2024
4 Min Read
AI data center construction cranes
Data Center Construction
AI Revolution Will Add Fuel to Data Center Boom, BlackRock SaysAI Revolution Will Add Fuel to Data Center Boom, BlackRock Says
bySean Michael Kerner
Jul 11, 2024
3 Min Read
Exclusive DCK Resources
See all DCK Resources

Industry Voices

close up image of data center wires
AI Data Centers
Nvidia Partner SMC Raising $950 Million to Tap AI Server BoomNvidia Partner SMC Raising $950 Million to Tap AI Server Boom
byBloomberg News
Jul 26, 2024
2 Min Read
Data center news roundup
Build & Design
Data Center News Roundup: H2 Reports Released, Heat Waves Add to Industry WoesData Center News Roundup: H2 Reports Released, Heat Waves Add to Industry Woes
byJames Walker
Jul 26, 2024
4 Min Read
Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.
Newsletter Sign-Up

Featured How Tos

AI data center storage illustration
Data Storage
Deep Dive: Optimizing AI Data Storage ManagementDeep Dive: Optimizing AI Data Storage Management
byDennis Hahn
Jul 12, 2024
8 Min Read
Computer screen showing kill process linux command in action.
Data Center Software
Quick Guide: Kill Processes With Linux Command in SecondsQuick Guide: Kill Processes With Linux Command in Seconds
byJack Vaughan
Jul 9, 2024
4 Min Read
SSH-Keygen Essentials: How to Generate and Manage SSH Keys
Cybersecurity
SSH-Keygen Essentials: How to Generate and Manage SSH KeysSSH-Keygen Essentials: How to Generate and Manage SSH Keys
byJack Vaughan
Jun 10, 2024
4 Min Read