Skip to main content

Keeping the cloud secure remains a major challenge for many firms

(Image credit: Image source: Shutterstock/faithie)

Businesses are struggling to monitor and secure cloud environments (opens in new tab), risking financial penalty and damage to customer loyalty.

Based on a poll of 310 security pros, a new report from Tripwire claims that three quarters of businesses struggle to maintain their security configurations in the cloud.

Some claim their cloud risk management capabilities are sub-standard, compared to other parts of the IT environment, while virtually all (93 percent) are afraid of an employee accidentally exposing sensitive data.

One of the ways criminals find their way into sensitive corporate data is by regularly running automated searches in the cloud. However, just a fifth (21 percent) of businesses assess their overall cloud security posture in real time, with another fifth performing checks it on a weekly basis.

Almost a quarter (22 per cent), meanwhile, conceded to assessing their cloud security (opens in new tab) posture manually.

“Security teams are dealing with much more complex environments, and it can be extremely difficult to stay on top of the growing cloud footprint without having the right strategy and resources in place,” said Tim Erlin, Vice president of Product Management and Strategy at Tripwire.

“Fortunately, there are well-established frameworks, such as CIS benchmarks, which provide prioritized recommendations for securing the cloud. However, the ongoing work of maintaining proper security controls often goes undone or puts too much strain on resources, leading to human error.”

The report states that most organizations use either CIS or NIST frameworks to secure their cloud environments. While most use some form of automated enforcement in the cloud, almost all respondents (92 percent) want to increase levels of automation.

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.