Data Security Keeps CIOs Awake at Night, Finds Study
A new study found that CIOs are more concerned about the security of their company’s data than the security of their own home.
Data security is creating fear and trust issues for CIOs and IT professionals in these COVID-19 times. According to a new Oracle-KPMG study, IT professionals are more concerned about the security of company financials and intellectual property than their home security. And needless to say, data security is giving sleepless nights to IT professionals.
What’s worrisome is that only 8% of IT security executives said they fully understand the Cloud shared responsibility security model, said the study, which polled 750 CIO/CISOs worldwide and across industries.
The study shockingly reveals that most IT and security professionals IT professionals are using a patchwork of different cybersecurity products to try and address data security concerns, but face an uphill battle as these systems are seldom configured correctly. This in turn has created a crisis of confidence that can only be fixed by those organizations that can make security part of the culture of their business.
“Adopting tools that leverage intelligent automation to help close the skills gap are on the IT spend roadmap for the immediate future and the C-level is methodically unifying the different lines of business with a security-first culture in mind,” said Steve Daheb, Senior Vice President, Oracle Cloud.
Organizations that discovered misconfigured cloud services experienced 10 or more data loss incidents in the last year, according to the report. IT professionals are using a patchwork of different cybersecurity products to try and address data security concerns, but face an uphill battle as these systems are seldom configured correctly.
The study also shows, while 78% of organizations said they are using more than 50 discrete cybersecurity products to address security issues, 37% used more than 100 cybersecurity products.
In fact, nearly two-thirds of the organizations shared that employees with privileged cloud accounts have had those credentials compromised by a spear phishing attack. The most common types of misconfigurations include Over-privileged accounts, exposed web servers and lack of multi-factor authentication for access to key services.
“Seventy-five per cent of IT professionals view public cloud as more secure than their own data centres, yet 92% of IT professionals do not trust their organization is well prepared to secure public cloud services,” the findings showed.
Nearly 80% of IT professionals said that recent data breaches experienced by other businesses have increased their organization’s focus on securing data moving forward.
“In response to the current challenging environment, companies have accelerated the movement of workloads, and associated sensitive data, to the cloud to support a new way of working, and to help optimize cost models. This is exposing existing vulnerabilities and creating new risks,” explained Tony Buffomante, Global Co-Leader and U.S. Leader of KPMG LLP”s Cyber Security Services.
The silver lining is, 87% of CIOs saw AI/ML capabilities as a “must-have” for new security purchases, as per the report.
To address the increasing data security concerns and trust issues, cloud service providers and IT teams need to work together to build a security-first culture, the study recommends. This includes hiring, training, and retaining skilled IT security professionals, and constantly improving processes and technologies to help mitigate threats in an increasingly expanding digital world.