Fresh off the public release of Armor’s study with the Ponemon Institute — Cloud Security: Getting It Right — Armor CSO Jeff Schilling and Vice President of Security Wayne Reynolds synced with both eWeek and Dark Reading to explore some of the more telling findings of the report.
As Armor reported, most organizations remain divided when it comes to who is responsible for cloud security. Just as concerning, more than 60 percent of the respondents shared that IT security is rarely or never involved when it comes to evaluating cloud services.
“Security is something that is everyone’s responsibility to some degree, yet no one particular function seems to step up and own it,” Schilling said to eWeek. “This is absolutely where managed security providers can come in to take on some responsibilities and share some of the risk.”
Schilling, who is a former director of the U.S. Army’s Global Network Operations and Security Center, says that organizations need to understand that the cloud is the best environment to secure — because it was designed to do so and provides much better visibility than legacy infrastructure. They just need to be ready to make a commitment to the cloud — via staffing, priority and budget.
“It continues to surprise me that there seems to be an agreement in the industry that security is important and continues to be a major concern in the cloud,” Reynolds told Dark Reading. “Yet more than half of the respondents are unwilling to pay a premium to ensure [that] security.”
Cloud Security: Getting It Right reflects the responses of 990 individuals in the United States and United Kingdom who hold such positions as chief information officer (CIO), director of IT operations and chief information security officer (CISO).
Represented in this research are organizations that process business-critical applications in the cloud and store sensitive or confidential information business data in the cloud environment.
Want to read the full study? Download “Cloud Security: Getting it Right” from Armor’s resource center.