Cloud security “a board-level concern” for 61% of companies, but skills shortage hinders adoption

The Cloud Security Alliance (CSA)’s recently released Cloud Adoption Practices & Priorities Survey Report analyses Cloud adoption around the world and examines the challenges faced by organisations as they move their data to Cloud services.

An organisation’s board is ultimately responsible for the security of its information, wherever it’s held. As more and more organisations are taking advantage of virtualised networks to enable mobile working, it’s no surprise that decisions relating to Cloud security are therefore shifting from the IT department to the boardroom (“the security of data in the cloud is now an executive or board-level concern for 61 percent of companies”). Nor is it surprising that “cloud security projects were the leading IT project in 2014”.

The CSA report found that:

  • There is a regional difference in board engagement, with the Americas lagging behind the rest of the world. Executives “in the EMEA region are more involved in security discussions, with 68 percent… concerned about cloud security versus just 54 percent of their counterparts in the Americas.”
  • Although 74% of respondents are moving “full steam ahead” with Cloud adoption, 34% of respondents said that “a lack of knowledge and experience on the part of IT and business managers” is a significant barrier.
  • Only “22 percent of organizations have a cloud security awareness training program, while another 36 percent plan to create one.”
  • Governing Cloud usage also remains a problem. “50 percent of companies have a policy on acceptable cloud usage”, but “only 16 percent of companies have a policy that is being fully enforced”.
  • Larger enterprises have the most policies and procedures in place. Companies “with more than 5,000 employees are more likely to have a cloud governance committee, have a policy on acceptable cloud usage, and have a security awareness training program compared to companies with fewer than 5,000 employees.”

Cloud implementation resources

If your organisation is adopting Cloud services but feels hindered by a lack of knowledge, IT Governance’s two-day Cloud Computing Foundation Training Course will provide all you need, including a recognised industry-standard certification awarded by EXIN upon successful completion of the course’s exam. Click for more information >>

We also supply a range of Cloud computing books in our webstore, including Data Protection and the Cloud – Are the risks too great? This pocket guide highlights the risks an organisation’s use of the Cloud might generate, and offers the kind of remedial measures that might be taken to mitigate those risks.

Data Protection and the Cloud is published next Monday. Pre-order today and be the first to read this insightful new guide.