Armor Survey Finds Accountability Still Cloudy When It Comes to Securing the Cloud

October 15, 2015

New stats reveal differing opinions between cloud providers, end-users and IT teams for keeping SaaS and IaaS applications secure

RICHARDSON, Texas — (BUSINESS WIRE) — To help today’s organizations make strategic and informed decisions when it comes to secure cloud implementations, Armor has sponsored a new Ponemon Institute study, Cloud Security: Getting It Right. The new findings reveal organizations are divided when it comes to who is responsible for cloud security. Some rely upon their cloud provider to keep SaaS applications secure (31 percent), while others see end-users as being most accountable (20 percent).

Only 16 percent of respondents believe that keeping SaaS applications secure is a shared responsibility between the end-user company and the cloud provider. This runs counter to the fact that the majority of cloud services operate on the premise of shared responsibility, especially when sensitive data is involved.

Just 15 percent of organizations believe the IT security team should be most accountable for securing SaaS applications; however, more than 60 percent of the respondents shared that IT security is rarely or never involved when it comes to evaluating cloud services.

Cloud Security: Getting It Right reflects the responses of 990 individuals in the United States and United Kingdom who hold such positions as chief information officer (CIO), director of IT operations and chief information security officer (CISO). Represented in this research are organizations that process business-critical applications in the cloud and store sensitive or confidential information business data in the cloud environment.

Key Findings

  • Reduced cost and increased efficiency drives the use of cloud services
  • Fifty-six percent of respondents say the ability to save money is by far the primary reason to use cloud resources
  • On-premise IT considered more secure than the cloud
  • Only 33 percent of respondents say they have confidence they are meeting security objectives in the cloud
  • Security and compliance issues are still unclear when it comes to the cloud
  • Seventy-nine percent of respondents say security is important always or most of the time; 74 percent say compliance is considered important always or most of the time

To learn more about the findings of the study, register now for Armor’s exclusive webinar, “8 Common Security Mistakes Repeated in Multi-Cloud Environments.” This event, on October 22, features a live dialogue with Ponemon Institute founder Dr. Larry Ponemon, and diagnoses missteps and responsibility pitfalls encountered during secure cloud deployments. Register:


Jeff Schilling, CSO | Armor
“It is alarming to me that 56 percent of respondents say they are unwilling to pay a premium to ensure the security of sensitive data in the cloud. I believe there is a missed opportunity to get the initiative back from the cyber threat who has owned the good guys for more than 10 years. Virtualization and cloud architecture gives the good guys the opportunity to censor and build a secure environment that puts the threat at a disadvantage. However, the data shows most don’t want to invest in a secure solution and are doomed to repeat the mistakes we made in the network-centric build-out of the Internet.”

Dr. Larry Ponemon, Founder | Ponemon Institute
“The fact that there’s so much confusion about how to properly secure and understand compliance mandates isn’t surprising considering most organizations today still aren’t sure who (internally) should be managing security for the cloud. It’s my hope that organizations will review this report and look in the mirror to see if they’re part of this group that is still allowing for so much confusion when it comes to secure cloud implementations.”

About Armor

The leader in active cyber defense, Armor offers customer-centric security outcomes for retail and eCommerce enterprises, healthcare organizations, payment leaders and financial institutions. Armor protects highly sensitive data for the most security-conscious companies in the world. With its proven cybersecurity approach and proprietary cloud infrastructure built specifically for security, compliance and performance, responsible businesses choose Armor to reduce their risk. For more information, visit or call 1-844-682-2858.

Follow Armor

Voce Communications for Armor
Melissa Felton, 330-401-9220
Vice President