C-Suite Survey: Accelerated Cloud Migrations, Lagging Security

0
1241

Recently, Enterprise Management Associates (EMA) conducted a research survey for Radware of senior executives across the globe to gain a better understanding of the perceptions of current cybersecurity challenges and opportunities for C-suite executives. The 2020 “C-Suite Perspectives Report on IT Security” reveals that the COVID-19 pandemic was a major accelerant for organizations to quickly move forward with the migration of business infrastructure and applications to the cloud.

2020 has seen some significant shifts in how organizations rely on critical information technology services for day-to-day operations. While some have always understood the critical nature of IT, the pandemic has forced organizations to accelerate their cloud migration strategy and operate with reduced budgets and resources, all while protecting their organization from existing and emerging cybersecurity threats.

It’s All About the Cloud

Almost immediately after the start of the pandemic lockdowns and health orders, it became obvious that those companies with workloads based in the cloud were well positioned to shift normal business operations. When the pandemic restrictions came about, companies with a bulk of their corporate communications and infrastructure in the cloud were literally able to scale up additional instances with a mouse click, and employees were immediately productive.

[You may also like: Smart DDoS Protection During the COVID-19 Crisis]

Those companies that were not well positioned in the cloud immediately accelerated their plans for cloud migration. Seventy-six percent of companies that we surveyed re-prioritized or accelerated their cloud migration projects. Apart from employee productivity, organizations with a cloud infrastructure were able to more quickly adapt to the increased importance of contactless revenue streams, such as e-commerce and virtual services. Those companies that adopted the cloud were well positioned to survive (and in some cases thrive) during the pandemic. In fact, 56% of companies surveyed saw an immediate uptick in revenues on their e-commerce/contactless revenue streams. 

Doing More, With Less

One immediate result of the pandemic was that IT leaders were forced to do more with less: from resources, to budget, to headcount—many organizations went into a preservation mode, cutting costs and expenses in every corner. Fifty-six percent saw a significant impact on their business revenue due to the pandemic and 43% of organizations reported a reduction in their workforce. Interestingly, almost 50% of the business leaders indicated that the reductions in real estate, headcount, and budget were permanent.

Because of this, many of the organizations are relying on third parties to close the gap, especially when it comes to information security. Thirty-two percent of respondents reported that they depended on the cloud-hosting providers to secure their digital assets. Even more concerning is the fact that while organizations are leaning on the cloud providers for security, they also lack a basic understanding of the shared responsibility model for information security in the cloud.

Securing the Cloud

Cloud providers have spent billions of dollars educating their clients on how the security of assets in the cloud is distributed, but year after year, the headlines are filled with stories of data and security breaches in the cloud, nearly always a result of a failure of the shared responsibility model. Organizations that depend on the cloud providers for security may see a greater chance of a security incident in the future.

Executives are looking to their security teams to give them a level of comfort about their organization’s overall security. Unfortunately, most do not have that level of comfort. About 50% of the respondents were not confident of their organization’s ability to deal with unknown threats, while 30% have seen an increase in attacks during the pandemic.

[You may also like: Why You Should Reconsider DDoS Mitigation from Public Cloud Providers]

And it isn’t because execs aren’t paying attention: 69% of executives surveyed indicated that half of their time was dedicated to addressing security-related concerns. Nearly three quarters of the executives listed increased service disruptions, ransomware, and artificial intelligence as the evolving threats that most concern them, and they lack effective measures to deal with these threats. 

The pandemic forced organizations to accelerate their migration to the cloud. Some business leaders took the pandemic disruption as a chance to improve their organizations by building resiliency, honing budget management, and adopting new processes and technologies. With proper planning and agile leadership, they were able to refocus their businesses, products, and services to address immediate demands while providing the infrastructure necessary for their customers and employees in a contactless economy.

Download Radware’s C-Suite Perspectives report to learn more.

Download Now

Previous articleHow to Respond to a DDoS Ransom Note
Next articleC-Suite Perspectives 2020
Christopher Steffen, CISSP, CISA brings over 20 years of industry experience to Enterprise Management Associates, focusing on IT management / leadership, cloud security and regulatory compliance. Chris has had a variety of roles as a professional, from Camping Director for the Boy Scouts to Press Secretary for the Colorado Speaker of the House. His technical career started in the financial services vertical as the systems administrator for a credit reporting company. As the company continued to grow, he took greater management responsibilities, built the Network Operations, Information Security and Technical Compliance practices for the company before leaving as the Principal Technical Architect. He has been the Director of IT for a manufacturing company and the Chief Evangelist for several technical companies, focusing on cloud security. Prior to joining EMA, Chris served as the CIO of a financial services company, overseeing the technology related functions of the enterprise, including the development and implementation of the company’s technical vision and management of the technical staff. He also guided the company through a NIST 800-53 evaluation and successfully obtained an Authority to Operate (ATO). Chris holds several technical certifications, including Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA), and was awarded the Microsoft Most Valuable Professional Award five times for virtualization and Cloud and Data Center Management (CDM). B.A., Political Science (Summa Cum Laude), Metropolitan State College of Denver.

LEAVE A REPLY

Please enter your comment!
Please enter your name here