C-Suite Survey: Accelerated Cloud Migrations, Lagging Security
Recently, Enterprise Management Associates (EMA) conducted a research survey for Radware of senior executives across the globe to gain a better understanding of the perceptions of current cybersecurity challenges and opportunities for C-suite executives. The 2020 “C-Suite Perspectives Report on IT Security” reveals that the COVID-19 pandemic was a major accelerant for organizations to quickly move forward with the migration of business infrastructure and applications to the cloud.
2020 has seen some significant shifts in how organizations rely on critical information technology services for day-to-day operations. While some have always understood the critical nature of IT, the pandemic has forced organizations to accelerate their cloud migration strategy and operate with reduced budgets and resources, all while protecting their organization from existing and emerging cybersecurity threats.
It’s All About the Cloud
Almost immediately after the start of the pandemic lockdowns and health orders, it became obvious that those companies with workloads based in the cloud were well positioned to shift normal business operations. When the pandemic restrictions came about, companies with a bulk of their corporate communications and infrastructure in the cloud were literally able to scale up additional instances with a mouse click, and employees were immediately productive.
[You may also like: Smart DDoS Protection During the COVID-19 Crisis]
Those companies that were not well positioned in the cloud immediately accelerated their plans for cloud migration. Seventy-six percent of companies that we surveyed re-prioritized or accelerated their cloud migration projects. Apart from employee productivity, organizations with a cloud infrastructure were able to more quickly adapt to the increased importance of contactless revenue streams, such as e-commerce and virtual services. Those companies that adopted the cloud were well positioned to survive (and in some cases thrive) during the pandemic. In fact, 56% of companies surveyed saw an immediate uptick in revenues on their e-commerce/contactless revenue streams.
Doing More, With Less
One immediate result of the pandemic was that IT leaders were forced to do more with less: from resources, to budget, to headcount—many organizations went into a preservation mode, cutting costs and expenses in every corner. Fifty-six percent saw a significant impact on their business revenue due to the pandemic and 43% of organizations reported a reduction in their workforce. Interestingly, almost 50% of the business leaders indicated that the reductions in real estate, headcount, and budget were permanent.
Because of this, many of the organizations are relying on third parties to close the gap, especially when it comes to information security. Thirty-two percent of respondents reported that they depended on the cloud-hosting providers to secure their digital assets. Even more concerning is the fact that while organizations are leaning on the cloud providers for security, they also lack a basic understanding of the shared responsibility model for information security in the cloud.
Securing the Cloud
Cloud providers have spent billions of dollars educating their clients on how the security of assets in the cloud is distributed, but year after year, the headlines are filled with stories of data and security breaches in the cloud, nearly always a result of a failure of the shared responsibility model. Organizations that depend on the cloud providers for security may see a greater chance of a security incident in the future.
Executives are looking to their security teams to give them a level of comfort about their organization’s overall security. Unfortunately, most do not have that level of comfort. About 50% of the respondents were not confident of their organization’s ability to deal with unknown threats, while 30% have seen an increase in attacks during the pandemic.
[You may also like: Why You Should Reconsider DDoS Mitigation from Public Cloud Providers]
And it isn’t because execs aren’t paying attention: 69% of executives surveyed indicated that half of their time was dedicated to addressing security-related concerns. Nearly three quarters of the executives listed increased service disruptions, ransomware, and artificial intelligence as the evolving threats that most concern them, and they lack effective measures to deal with these threats.
The pandemic forced organizations to accelerate their migration to the cloud. Some business leaders took the pandemic disruption as a chance to improve their organizations by building resiliency, honing budget management, and adopting new processes and technologies. With proper planning and agile leadership, they were able to refocus their businesses, products, and services to address immediate demands while providing the infrastructure necessary for their customers and employees in a contactless economy.