2022 Cloud Security Report

Issue 3 2022 Information Security, Infrastructure

The Covid-19 pandemic and the shift to work-from-anywhere has forced organisations to significantly advance their digital acceleration initiatives, resulting in increasingly hybrid IT networks to help deliver better access to applications and data. In many cases, these assets are distributed across data centre networks and cloud deployments that are in a constant state of flux.


In addition to the added complexity of managing hybrid IT architectures, organisations underwent forced acceleration to the cloud due to external factors such as competitive pressures or supply chain issues. The lack of time to properly plan and coordinate around these efforts has led to security gaps across an expanded attack surface. Now, today’s organisations are scrambling to provide consistent security and policy everywhere to defend against attacks without disrupting business operations.

So given this digital acceleration, what is the current state of cloud adoption and cloud security? Fortinet partnered with Cybersecurity Insiders to survey more than 800 cybersecurity professionals from around the world and across industries. The 2022 Cloud Security Report reveals how security executives and practitioners are using the cloud, how their organisations are responding to security threats in the cloud, and the challenges they are facing. Some of the highlights from this year’s report follow.

Digital innovation accelerates cloud adoption

Organisations continue to shift workloads to the cloud at a rapid pace to achieve faster time to market, increased responsiveness to customer needs and cost reductions. 39% of respondents have more than half of their workloads in the cloud.

Most organisations are selecting either a hybrid-cloud (39%, up from 36% last year) or multi-cloud deployment approach (33%) to integrate multiple services, provide scalability or ensure business continuity. 67% of organisations currently use two or more cloud providers. AWS and Microsoft Azure currently top the list, though Google and Oracle are rapidly increasing their investment and market share.


Cloud adoption faces headwinds

This year’s Cloud Security Report is set against a backdrop of increasingly brazen and costly ransomware attacks, and the major disclosure of a severe zero-day vulnerability in the popular Apache Log4j logging tool, used in many enterprise apps and cloud platforms. It’s not surprising that 95% of organisations are moderately to extremely concerned about cloud security.

When Cybersecurity Insiders asked what surprises security professionals uncovered that hinder cloud adoption, they discovered lack of visibility, high cost, lack of control and lack of security are the biggest unforeseen factors that slow or stop cloud adoption. These remain consistently the top inhibitors of cloud adoption when comparing against previous surveys. Addressing these topics is critical to empowering business success.

The survey also reveals that the biggest challenges organisations face are not primarily about technology, but people and processes. Lack of qualified staff (40%, up from 37% last year) is the biggest obstacle to faster adoption, followed by legal and regulatory compliance, and data security issues. Internal upskilling as well as external expertise are major game-changers to accelerating cloud success.

And with most organisations choosing a hybrid or multi-cloud strategy, not surprisingly, they face increased complexity and security challenges. Lack of security skills becomes the top challenge (61%, up from 57% last year), followed by data protection, understanding how different solutions fit together, and loss of visibility and control. Simplifying this complexity is key.


Breaking down the barriers to cloud adoption

To reduce complexity and increase security effectiveness, visionary organisations are taking advantage of a cybersecurity mesh platform. This collaborative approach helps to dramatically reduce the financial impact of security incidents. With threat intelligence shared directly across diverse attack vectors, visibility, management and automation are simpler, meaning that threats are identified and mitigated faster. Ultimately, this reduces complexities, resolves cloud cybersecurity skills and resource gaps, and increases overall security effectiveness.

It’s no surprise that over three-quarters (78%) of respondents consider it very or extremely helpful to have a single cloud security platform to protect data consistently and comprehensively across their cloud footprint.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Access & identity expectations for 2024
Technews Publishing IDEMIA ZKTeco Gallagher Salto Systems Africa Regal Distributors SA Reditron Editor's Choice Access Control & Identity Management Information Security AI & Data Analytics
What does 2024 have in store for the access and identity industry? SMART Security Solutions asked several industry players for their brief thoughts on what they expect this year.

Read more...
Prepare for cyber-physical attacks
Gallagher Information Security Access Control & Identity Management
As the security landscape continues to evolve, organisations must fortify their security solutions to embrace the changing needs of the security and technology industries. Nowhere is this more present than with regard to cybersecurity.

Read more...
Zero Trust and user fatigue
Access Control & Identity Management Information Security
Paul Meyer, Security Solutions Executive, iOCO OpenText, says implementing Zero Trust and enforcing it can create user fatigue, which only leads to carelessness and a couldn’t care attitude.

Read more...
Passwordless, unphishable web browsers
Access Control & Identity Management Information Security
Passkey technology is proving to be an easily deployed way to bring unphishable, biometric-based security to browsers; making identification and authentication much more secure and reliable for all parties.

Read more...
Time is of the essence
Information Security
Ransomware attacks are becoming increasingly common. Yet, many individuals and organisations still lack a clear understanding of how these attacks occur and what can be done to secure their data.

Read more...
All aspects of data protection
Technews Publishing Editor's Choice Information Security Infrastructure AI & Data Analytics
SMART Security Solutions spoke to Kate Mollett, Senior Director, Commvault Africa, about the company and its evolution from a backup specialist to a full data protection specialist, as well as the latest announcements from the company.

Read more...
The song remains the same
Sophos Information Security
Sophos report found that telemetry logs were missing in nearly 42% of the attack cases studied. In 82% of these cases, cybercriminals disabled or wiped out the telemetry to hide their tracks.

Read more...
How hackers exploit our vulnerabilities
Information Security Risk Management & Resilience
Distractions, multi-tasking, and emotional responses increase individuals’ vulnerability to social engineering, manipulation, and various forms of digital attacks; 74% of all data breaches included a human element.

Read more...
Projections for 2024’s Advanced Threats Landscape
News & Events Information Security
Kaspersky Global Research and Analysis Team (GReAT) experts offer insights and projections for 2024 in the Kaspersky Security Bulletin, with a focus on the evolution of Advanced Persistent Threats (APT).

Read more...
Veeam and Sophos in strategic partnership
Information Security
Veeam and Sophos unite with a strategic partnership to advance the security of business-critical backups with managed detection and response for cyber resiliency, and to quickly recover impacted data by exchanging critical information.

Read more...