One in three CISOs view cloud as a security risk

Uncontrolled cloud expansion is more worrying than legacy IT or insider threats

Cloud security

The cloud may be powering a great deal of business transformation, but many security leaders aren't entirely happy about it, as new research reveals that one-third of CISOs view the cloud as their biggest security risk.

According to a study of 250 global CISOs and security leaders conducted by Kaspersky Lab, 30% of survey participants ranked cloud computing as the security risk that they were most worried about. This outranks both legacy IT and insider threats, which were listed as the top the top concern by 12% and 10% of CISOs respectively.

To be more specific, it's not just cloud computing in general that was identified as a potential danger, but cloud computing and "uncontrolled cloud expansion" by different departments and lines of business within the organisation.

This could imply that CISOs are concerned about the potential security risks introduced by HR, finance and other departments procuring their own IT on an as-a-service model, without any oversight from the security team - although only 5% of respondents specifically identified shadow IT as a risk.

"The CISO's job is to exert controls to stop uncontrolled cloud and promote controlled cloud," said AmTrust International head of cyber security and IT Pro Panellist Ian Thornton-Trump.

"If folks are circumventing the CISO and rolling out uncontrolled cloud it really means there is no policy, strategy or guidance on cloud and that, my friend, is the CISO's job to fix. Panic helps no one, planning helps everyone."

"Just because it's cloud does not mean it's any more risky than having anything else uncontrolled in your business."

The majority (86%) of CISOs believe that security breaches are inevitable, according to the research. That's a belief that coincides with almost half of the respondents reporting that CISOs have become risk management professionals over the past few years.

"My role actually consists of one very simple paradigm: minimising cybersecurity risks for the group," the CISO of a Swiss construction firm told Kaspersky.

"Furthermore, when it comes to the more 'human' part of my role, I'm a manager of very talented cybersecurity specialists, who are targets of multiple head hunters at the moment."

Despite this focus on risk, however, only around one third of CISOs said that assessing and managing security risks was the most important part of their job, with the majority reporting that it was the implementation and management of security solutions.

Featured Resources

Key considerations for implementing secure telework at scale

Identifying the security risks and advanced requirements of a remote workforce

Download now

The State of Salesforce 2020

Your guide to getting the most from Salesforce

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Rethink your cybersecurity strategy for the new world

5 steps to secure the enterprise and be fit for a flexible future

Download now

Recommended

Infostretch is now an AWS advanced consulting partner
Amazon Web Services (AWS)

Infostretch is now an AWS advanced consulting partner

4 Aug 2020
Ingram Micro joins Red Hat Certified Cloud and Service Provider program
Cloud

Ingram Micro joins Red Hat Certified Cloud and Service Provider program

9 Jun 2020
Matt Gallatin joins Reltio as its chief financial officer
Cloud

Matt Gallatin joins Reltio as its chief financial officer

5 Jun 2020
Hackers are wreaking havoc on Google’s Cloud infrastructure
hacking

Hackers are wreaking havoc on Google’s Cloud infrastructure

1 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
How do I fix the Windows 10 Start Menu if it's frozen?
operating systems

How do I fix the Windows 10 Start Menu if it's frozen?

3 Aug 2020