According to the latest McAfee State of Cloud Security report, the cyber skills shortage is to blame for organizations slowing down cloud adoption.
Having surveyed 1,400 CISOs and IT professionals about the main issues and challenges with cloud security, 40% of IT professionals believed a lack of qualified experts was the problem, with data theft ranking number one as the main concern when using the cloud. Furthermore, 56% had stated they had tracked malware infection back to a cloud application, an increase of 52% from 2017.
Critical and important data is often stored in the cloud which is why having the security tools and personnel in place to manage the defenses, is vitally important. There have been signs that the cyber skills gap is improving; however, according to Barika Pace, a research director at Gartner, it can still take up to nine months to recruit a cybersecurity professional. So, even though 97% of respondents declared that their organization uses a form of cloud service, there is still a small pool of qualified security candidates to choose from, leaving enterprises hesitant about pursuing further services like the cloud until suitable staff are found.
The level of unwillingness shown towards cloud adoption is further amplified by the fact that only 69% of cloud users trust the public cloud to keep their information secure, despite 83% stating they store confidential data there.
Security in the cloud has become a big issue of late, with a recent spate of unsecure cloud servers making the headlines. As the European General Data Protection Regulation (GDPR) comes into force, data security and by extension, cloud, will be greatly affected. Enterprises must now be shown to be delivering the highest standards of security for the data they store and process.
Organizations must understand that it will only be a matter of time before they suffer a cyberattack, so by adopting a proactive mindset and ensuring the defense mechanisms are in place to safeguard the data, they will not only build customer trust but also adhere to GDPR requirements.
Encrypting or Tokenizing sensitive data will help prevent the exploitation or misuse of personally identifiable information, enable the company to adhere to GDPR compliance regulations and build trust between the user and client that their data is adequately protected.