Earlier this month, J.P. Morgan surveyed 130 CIOs responsible for $88 billion in annual enterprise IT spending. One of the key findings from the survey highlights how 20.1% of today’s IT budgets are spent on the public cloud, a figure CIOs see rising fast to 43.9% within five years.
Why such an increase in spending? Well, cloud applications and tools are mostly affordable and easy to deploy and use. They offer flexibility for growing companies to meet increasing demand seamlessly. The cloud knows no downtime or location restrictions, so employees can conduct business 24x7 from wherever they are.
The current COVID-19 pandemic also plays a role in this increased spending, with 79% of CIOs who participated in the survey agreeing that COVID-19 will hasten their further move to the cloud even sooner than they originally planned.
Securing the Cloud Is Always a Challenge
According to Flexera’s 2020 State of the Cloud Report, 94% of organizations already use either a public or private cloud environment, and Verizon’s 2020 Data Breach Investigations Report states that 24% of all breaches now involve cloud assets.
With the use of the cloud nearly ubiquitous among businesses—and the cloud currently responsible for a growing number of breaches—the talent to secure cloud environments is becoming increasingly difficult to find. In fact, recent research from Enterprise Strategy Group (ESG) shows that cloud security expertise is the single most acute skills shortage facing the cybersecurity industry today.
A cloud services provider does have some responsibility to secure the cloud, but that responsibility ends after it ensures its own infrastructure and applications are secure. That means cloud resources aren’t automatically protected against cyberthreats. Insider threats, hijacked accounts, distributed denial-of-service (DDoS) attacks, and advanced malware still pose viable risks to cloud-based assets and can disrupt business operations and harm essential data.
Where Businesses Fall Short: Security Operations
Leading cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform™ have all developed resources, such as APIs and robust logging, to help businesses monitor data traffic and cloud network activity. However, the onus is still on the organization to provide both the instrumentation and the expertise needed to spot threats.
The 2019 Capital One data breach, which leaked sensitive personal information from more than 100 million credit card applications, is a prime example of a security operations failure. In this breach, the alleged perpetrator managed to breach AWS S3 storage buckets through a multi-step, targeted attack. The root cause of the breach was a misconfigured firewall in the Capital One AWS infrastructure. It allowed a hacker to gain access and, to its detriment, Capital One was unable to identify and mitigate the risk in time.
Arctic Wolf Offers a Solution
So how can organizations, who are increasingly investing in the cloud, secure those assets when they lack the internal expertise? According to leading CIOs who participated in JP Morgan’s survey, turning to Arctic Wolf is one way. Among all of the vendors listed by CIOs as standouts, Arctic Wolf is the security operations company with the most mentions by CIOs for our technology, vision, and the value we provide our customers.
While working with Arctic Wolf is one way to improve your security operations, some organizations may have the internal capacity to secure their cloud environments on their own.
If your organization is interested in developing a more strategic approach to security (including the cloud), read our new white paper. “The Path to Security Effectiveness” outlines a vision for how businesses can take the first steps on their security journey. The paper highlights the five key pillars of taking an operational approach to security and outlines why many organizations continue to experience failures with their security operations.
Get started on the next phase of your security journey, read The Path to Security Effectiveness today.