Cloud Security Survey: 2016 Results

In the second annual Cloud Security Survey, CloudPassage surveyed the more than 300,000 members of LinkedIn’s Information Security Community on the state of cloud security. As companies continue to invest in the cloud to reduce IT costs and increase flexibility and scalability, privacy and security of data remain top concerns.

Among the key findings include the following:

Security concerns are the number one barrier to cloud adoption. General security concerns (53%) top the list, followed by legal and regulatory compliance concerns (42%-up from 29% in last year’s survey) and data loss and leakage risks (40%).

Yes, The Cloud Can Be A Security Win

With the right controls in place, the cloud doesn't have to be a scary place. These guidelines can help your company stay safe.

There are so many different kinds of clouds - public, private, hybrid, internal - that many businesses and customers have difficulty deciding which is the right one for them. Furthermore, many businesses may use a few different variations of cloud environments - a private cloud for their own intranet, a hybrid cloud to keep some data on premises and some off premises to meet compliance regulations, and a public cloud for low-risk data.

These different types of environments make it difficult for IT and security teams to monitor every cloud on every device, or to monitor access requests for each different type of cloud environment. If you don’t control the cloud or where your data and apps reside, don’t manage them, or don’t know what you have in the cloud, your risk starts to sprawl and you don’t even know what’s happened when there’s a breach - or where to start to remediate. Follow these guidelines to make sure you avoid the cloud’s possible pitfalls.

Market Research Suggests World Cloud Security Market will reach $8.9B by 2020

Allied Market Research has just released a new report that states the Worldwide Cloud Security Market will reach $8.9B by 2020.

The report, which is entitled “World Cloud Security, Market Opportunities and Forecasts 2014-2020” says that the cloud security market will grow at a compound adjusted growth rate of 23.5% from 2015 to 2020. While North America will be the global leader, market opportunities in Asia and the Pacific Rim will give rise to the demand for cloud security services.

BYOD and other emerging technologies will be the main driver in businesses wanting to expand their cloud security platforms. Allied says that governments, retail, IT, telecom and others will drive cloud security innovations.

Given the worldwide appetite for cloud, it’s no surprise that cloud security solutions will work in tandem with the emerging cloud application ecosystems. Businesses are tasked with keeping their critical services secure, while simultaneously providing ease of use. This balancing act will fuel cloud security innovations in the coming years. Allied predicts that these companies will become the leaders in cloud security technology:

• Symantec Corporation
• Intel Corporation
• Hewlett Packard (HP) Company
• Cisco Systems, Inc.
• IBM Corporation
• Microsoft Corporation
• Kaspersky Labs
• Dell Inc.

“Favorable regulations and policies along with proactive e-commerce & e-governance initiatives have fostered the growth of the world cloud security market,” says Allied Market Research’s press release on the report.

Read More: http://www.cloudwedge.com/market-research-suggests-world-cloud-security-market-will-reach-8-9b-by-2020-290335/

Confidence in cloud security

We look at how certifications and audits boost confidence in cloud security

Cloud has reached a tipping point, with more businesses now confident about putting their information online. Even executives who used to be hesitant about going 'on-demand' are beginning to believe in the strengths of the cloud.

As many as 64.9% of IT leaders think the cloud is as secure or more secure than traditional on-premise software, according to the Cloud Security Alliance. The main providers play a key role in boosting confidence, helping to reassure IT and business leaders that sensitive data is safe and secure online.

Suppliers are taking crucial steps to beef up their security and help deliver compliance the business can rely on. The key here is independent certifications and third party audits from a variety of accredited organisations.

Cloud Security Challenges

Large organizations are embracing public and private cloud computing at a rapid pace. According to ESG research, one-third of organizations have been using public and private cloud infrastructure for more than three years, and more than half of organizations (57%) have production workloads running on cloud computing infrastructure (note: I am an ESG employee).

Of course, cloud computing is very different than physical or virtual servers, which translates into a different cybersecurity model as well. And these differences lead to a variety of security challenges.

Cloud Security Industry Analysis 2020

The world cloud security market is expected to generate $8.9 billion by 2020, registering a CAGR of 23.5% from 2015 to 2020. North America dominates the world cloud security market, owing to growing adoption of cloud services in several industries in the region. However, Asia-Pacific region is expected to grow rapidly during the forecast period.

CSA survey finds trust in the cloud increasing

Suspicion of the cloud has lifted so much that trust in cloud services is on par with on-premises applications, according to a survey by the Cloud Security Alliance.

Around 200 IT executives were quizzed about the state of cloud adoption, the evolving role of IT, and how enterprises approach cloud security. The results suggest that while trust in the cloud may be on the rise companies are trying to replicate the same security controls they did for their on-premises systems.

Cloud security culture a building block for today's businesses

When Brian Lillie is hiring for his security team, the right skills get candidates in the door; the right cultural fit gets one of them the job.

"If you hire the wrong information security leader, they can put security above all else and work can grind to a halt," said Lillie, CIO at Equinix Inc., a Redwood City, Calif., provider of data center space. "They can become the productivity prevention unit, the PPU."

Security is at the forefront at Equinix, which operates 145 data centers on five continents, Lillie said. But in an "innovate or die" business climate, so is helping business users move the company forward -- and for Equinix and many other organizations today, that means giving them access to the power, capacity and flexibility of cloud computing. Cloud innovation thrives, Lillie said, if security is folded into everything the company does.

"I think where you get into trouble is where you make security an afterthought and you make it second to user experience," Lillie said. "There's always a balance between user experience that you get from a beautifully written cloud application and security."

It's a line more and more organizations today have to walk, as business units clamor for cheap, easy-to-install, easy-to-use cloud applications and IT is forced to act as gatekeeper. According to a new report by nonprofit Cloud Security Alliance and cloud security vendor Skyhigh Networks, a "culture of security," often with support from a chief information security officer, or CISO, is needed to ensure a company has vision and vigilance in equal measure.

Read More: http://searchcio.techtarget.com/news/4500272074/Cloud-security-culture-a-building-block-for-todays-businesses

15% cyber security market share will be in cloud by 2025

The Global Cyber Security Market 2015-2025 report says Network security, Data security and Identity and Access security are expected to account for the top three largest shares of the industry over the forecast period with cloud security growing steadily.

Lockheed Martin Corporation, Panda Security, Booz Allen Hamilton, CACI, NetCentrics (Hyastax Technology), Airbus DS Communications, Raytheon, CRGT, Digital Management Inc, KEYW, Northrop Grumman, Camber Corporation, Check Point Software Technologies, General Dynamics, Mantech International Corporation, BAE Systems Detica and Thales are the companies discussed in this cyber security market report for 2015 to 2025.

The industry is expected to be worth US$11.4 billion in 2015 and forecast to reach US$17.3 billion by 2025, representing a CAGR of 4.23% during the forecast period. The market is expected to be dominated by North America, occupying 56% of the market share, followed by Asia-Pacific, and Europe. Middle East, Latin America and Africa are expected to account for the remaining 10% of the overall market. The network security market is estimated to account for 44% of the global cyber security market. Data security and Identity and Access security are also expected to account for a significant portion of the total cyber security market during the forecast period, with shares of 25% and 16% respectively. Cloud security will account for the remaining 15% of global cyber security expenditure.

Read More: http://www.firstpost.com/business/15-cyber-security-market-share-will-be-in-cloud-by-2025-2526454.html

Stats are wrong: The public cloud is already the norm

It's no longer new or odd for enterprises to use the cloud. The cloud is now a reliable workhorse, and it brings a great deal of value to the business.

A recent Verizon report shows what everyone already knows: Use of the cloud is no longer new or specialized; it's become a solid part of our IT arsenal that most enterprises have already established as a core resource.

If the cloud is not so strange anymore, why isn't everyone doing it? The use of public cloud makes up less than 2 or 3 percent of total enterprise workloads, the major analyst firms concur.

Some enterprises are still holding out on the move to the public cloud by citing security, control, and regulatory rationales. But many of them are starting the transition with a private cloud or two. They're not counted in the analyst figures.

A much bigger undercount involves so-called shadow IT, where employees and even entire departments have bought into public cloud computing. They have SaaS or IaaS cloud assets that will eventually find their way back into corporate IT, which will reluctantly accept the use of public cloud resources. This has already occurred at most Global 2000 companies. But until these unofficial deployments work their way back to IT, these public cloud uses aren't counted either in analyst stats.

Those unofficial deployments will help corporate IT see that the sky doesn't fall when users deploy the public cloud. Indeed, agility goes up and costs drop. Moreover, if the right security approaches and technologies are applied, security actually improves.

Read More : http://www.infoworld.com/article/3005457/cloud-computing/stats-are-wrong-public-cloud-is-already-the-norm.html

IT leaders plan to further embrace cloud in 2016

The majority of CIOs plan to foster a cloud-first strategy for enterprise applications next year, according to a new survey from Bitglass. The "cloud access security broker" conducted its survey of 92 CIOs and IT leaders at the Gartner Symposium IT Expo last month, and it released the findings today.

Half of the respondents reported cost savings in 2015 as a result of using SaaS applications, such as Microsoft's Office 365 and Google for Work, but they also continue to face security challenges. In 2016, 87 percent of IT leaders expect to increase security spending, and 77 percent plan to bump up cloud security expenditures for mobile and cloud-based services, according to the survey.

Roughly one in three (34 percent) IT leaders anticipates an increase of more than 20 percent in cloud security spending next year. The biggest cloud security challenges of 2016 will be controlling downloads (36 percent), evaluating cloud provider security (24 percent), external sharing (21 percent) and shadow IT (14 percent), according to the survey.

"CIOs now realize that shadow IT is not an employee attempt at mutiny, but a response to the poor choice of tools provided by IT," says Rich Campagna, vice president of products and marketing at Bitglass. "As the cloud-first mindset has become more commonplace, security concerns have shifted to topics like access from unmanaged devices and external sharing — common gaps in cloud applications."

Read More : http://www.cio.com/article/3001920/cloud-computing/it-leaders-plan-to-further-embrace-cloud-in-2016.html

Oracle CEO: We are the most complete cloud company

Oracle's growth and ability to compete with other actors in the cloud computing space is growing, CEO Mark Hurd told CNBC on Monday, adding that the company "is winning" the space when compared to its competition.

Hurd described a list of Oracle's accomplishments, including what he said was a "doubling of the pipeline" and a surge in client bookings. "I think we are winning," he told CNBC's "Squawk Alley." "We believe we are the most complete cloud company in the industry."

Hurd was speaking from the Oracle Open World Conference in San Francisco this week. The company will reveal about 150 new products, he said.

On Monday, Oracle pulled the curtain back on a host of new cloud-based services, including new databases with an emphasis on cyber security.

Oracle has been investing in its cloud services by focusing on both platform and service infrastructure, Hurd explained. "The technical infrastructure that actually drives our cloud is extreme and it benefits us in the long run in margins."

Read More : http://www.cnbc.com/2015/10/26/oracle-ceo-we-are-the-most-complete-cloud-company.html

Alibaba points to Singapore in response to cloud security concerns

China tech vendors inevitably face concerns about data and cloud security, especially in dealing with US customers, but Alibaba hopes to defuse potential doubt through its international headquarters in Singapore.

It also wants to remind customers that it is a US-listed company.

Speaking to ZDNet in an interview, Alibaba Group's vice president Yu Sicheng said: "First, China's international business is a Singapore business that is governed by a US-listed company. It follows Singapore laws in terms of data privacy as well as all commercial contracts involving those with our customers and partners.

LATEST NEWS ON ASIA

Zuckerberg visits India to boost Facebook numbers amidst Internet.org hiccups
Will your phone soon be free? DataWind announces $15 smartphone
OpenStack gathers momentum in Asia
Huawei ships 27 million smartphones in Q3
China Mobile joins South Korean fourth telco bid
"We just happened to be a US-listed company that is based in China," said Yu, who heads the vendor's cloud business outside of its domestic market. Currently based in Beijing, the executive is likely to move to the Singapore headquarters, which was announced earlier this year.

With relationships between China and the US particularly tensed over cyber hacking and spying allegations, tech vendors from the Chinese market often face customer concerns about data and cloud security.

With relationships between China and the US particularly tensed over cyber hacking and spying allegations, tech vendors from the Chinese market often face customer concerns about data and cloud security.

Alibaba's cloud business in the US remains nascent and is starting from a small footprint, Yu said, noting that it had yet to encounter any security-related queries specifically associated with its China roots.

Read More : http://www.zdnet.com/article/alibaba-points-to-singapore-in-response-to-cloud-security-concerns/