Skip to main content

CISOs are finally starting to trust the cloud

(Image credit: Image source: Shutterstock/faithie)

Businesses are finally starting to trust cloud platforms despite some lingering fears over security, new research has found.

A report from Nominet surveying nearly 300 UK and US C-level security professionals found that past concerns about cloud safety are reducing slightly, with cloud and on-premise increasingly being viewed as equally secure.

It found that 61 percent of security professionals believe the risk of a security breach is the same or lower in cloud environments compared to on-premise.

However, cloud’s perceived superiority over on-premise does not mean that respondents consider such systems to be completely safe, with nearly three-quarters (71 percent) saying they were either moderately, very or extremely concerned about malicious activity in cloud systems. 

Following the introduction of GDPR last May, fines for data leaks were cited as the biggest security fear, followed closely by the increasing sophistication of cyber criminals (54 percent).

Overall, US respondents were more wary of the cloud than their UK counterparts, responding almost twice as likely to be extremely concerned (21 percent versus 13 percent), with the healthcare (55 percent), financial services (47 percent) and pharmaceutical (46 percent) industries the most concerned.

Those adopting a multi-cloud approach were also far more likely to have suffered a data breach over the past 12 months -  52 percent of hybrid cloud users and 24 percent of single-cloud users.

“Security has traditionally always been cited as a barrier to cloud adoption, so it is significant that the perceived risk gap between cloud and on-premise has disappeared,” said Stuart Reed, VP of Cyber Security at Nominet. 

“It is evident that security concerns are no longer an insurmountable barrier to cloud deployments given the high adoption rate of cloud services. And, as we move into the ‘cloud era’, arguably security teams need to channel their concern into finding solutions that work with the cloud, just as they have been doing in an on-premise environment. The shift in attitude between on-premise and cloud doesn’t change the remit for security teams, it just puts us on a different type of playing field.”