While many migrate security tools to the cloud, concerns remain
While many companies are beginning to migrate security tools to the cloud, a significant number have concerns, a survey by Exabeam reveals.
The survey highlights data privacy, unauthorized access, server outages and integration as key concerns.
Not everyone has migrated to the cloud yet
The survey shows a mixed picture when it comes to firms migrating security tools to the cloud. While just over half of respondents (52 percent) began migrating to cloud-based security products during or before 2018, around a fifth (18 percent) waited until 2019, three percent started in 2020, 13 percent have not yet started and the remainder don’t know when they’ll migrate.
Of those that have started their migration, over half (58 percent) have migrated at least one quarter of their security tools to the cloud, while one third (33 percent) said more than 50 percent of their security tools are now cloud-based.
Typically, organizations migrate security tools to the cloud to minimize the resources and overhead associated with owning and maintaining on-premises equipment and software. This means security teams can avoid system sizing, maintenance, uptime management, and product upgrades.
Reducing engineering effort to deploy and maintain new solutions allows security analysts to complete tasks faster and frees engineers up to focus on other projects.
The survey results support this, with improvements in monitoring and tracking of attacks (29 percent) and reduced maintenance (22 percent) considered the most important gains from using cloud-based security tools.
CAPEX reductions (18 percent), faster time to value (17 percent) and access to the latest features (13 percent) are drivers for cloud adoption, but considered less important.
However, when asked what concerns they have about moving security tools to the cloud, data privacy (30 percent) remains high on the list, with unauthorized access (16 percent), server outages (14 percent), integration with other security tools (14 percent), and data sovereignty (13 percent) also being raised.
Lack of understanding about migration
While 22 percent stated migration to the cloud was not a priority for their organization, the results suggest a lack of understanding about the migration issue as a whole. Around a third (32 percent) said they did not know what concerns their organization has about moving security tools to the cloud.
Furthermore, despite about a third (32 percent) of respondents saying they consider it to be too difficult or too risky to migrate security tools to the cloud, nearly half said their preference is to migrate legacy products to the cloud (46 percent) rather than replace legacy on-premise products with new cloud-native security tools (54 percent).
Organizations are protecting a variety of data types with cloud-based security tools, with email the most widely protected (22 percent), followed by customer information (21 percent), file-sharing (20 percent) and personnel files (18 percent). However, few organizations (12%) have extended cloud-based security to protecting corporate financial information.
“I think regardless of what security teams want, their monitoring and response tools will follow where organizations are moving their infrastructure for business services. Ultimately, security teams might have opinions, but they really don’t have a choice. They need to operate in a way that enables the business to function, grow, and profit. That said, if history has proven anything, it is the continuous, multi-decade ebb and flow between centralized and distributed computing and cloud is the next phase of that iteration. Ultimately, security teams need to be flexible in order to be able to integrate and interoperate both their cloud and non-cloud security tools and be in a position to enable the business to deliver capabilities and services where it is best for the business – not exclusively what is good for security,” Swimlane CEO, Cody Cornell, told Help Net Security.
“If the recent events are any proof of the security impacts to the security visibility of centralized vs distributed workforces, a lot of organizations that felt they were well-positioned to secure their users and devices have been caught flat-footed as their ability to gather security information from the endpoints and network perimeters have evaporated depending on some of the infrastructure decisions and assumptions they’ve previously made. If distributed workforces are the new normal, technologies that can be both cloud-deployed and managed have some obvious advantages in that they don’t lose visibility when endpoints data and the perimeter (e.g. traditional versus newer DNS, Proxy, Browser Isolation, & CASB solutions) telemetry are no longer available for detection and response.”