Lack of budgets for security initiatives slows down cloud adoption
The number of public sector organizations that are ready to implement a cloud-first strategy or move their entire infrastructures to the cloud has decreased by almost 20 percent since 2018.
Further, only 32 percent of government organizations would consider implementing a cloud-first strategy, and only 20 percent would consider becoming 100 percent cloud-based.
Those are among the key findings from Netwrix, a vendor of information security and governance software, in its recent 2019 Netwrix Cloud Data Security Report.
According to Netwrix, the main reason cited for this lack of cloud support is lack of resources: 92 percent of IT teams didn’t receive a budget increase for cloud security in 2019, and 50 percent of them say they have no financial support when it comes to dealing with cloud security issues.
Other findings revealed by the research include:
- The majority of government organizations store personally identifiable information (PII) of employees and citizens in the cloud (69 percent and 62 percent, respectively). Their chief reasons for moving sensitive data to the cloud are cost efficiency (cited by 31 percent), availability for remote workers ( cited by 28 percent) and security concerns (cited by 21 percent).
- 28 percent of government organizations had at least one security incident in the past 12 months. These report found that these organizations have two things in common: none of them classified all data they stored in the cloud, and all of them stored all their sensitive data in the cloud. What is even more disturbing, the report noted, is that 59 percent of organizations couldn’t determine whether the incidents they suffered were caused by external threat actors or insiders.
- The majority of organizations plan to strengthen data security in the cloud by encrypting data (cited by 61 percent) and improving data access management (cited by 55 percent). However, not all IT teams receive sufficient budget to support these initiatives: only 8 percent saw their cloud security budgets increase in 2019. However, those lucky few reported quite a substantial budget increase, which averaged 80 percent, the study revealed.
- One quarter of organizations that store all their sensitive data in the cloud would consider moving some or all of back on premises. The key reasons to un-cloud include high costs (cited by 43 percent), inability to ensure security (cited by 29 percent) and lack of control (cited by 14 percent). They would start by migrating the data of citizens (cited by 29 percent), payment data (cited by 29 percent) and healthcare data (cited by 29 percent).
An infographic which further outlines the findings of the global 2019 Netwrix Cloud Data Security Reportfor the public sector is also now available. The infographic provides an industry perspective of the data that government organizations store in the cloud, the state of their cloud data security, and their plans for protecting data in the cloud and further using cloud technology.
“Despite initiatives like the Federal Cloud Computing Strategy, many organizations are cautious about using the cloud due to the lack of sufficient budget to ensure controls are in place to protect their data. Public sector organizations need to understand what data they have in the cloud and ensure they can classify it according to its level of sensitivity. This approach will enable them to prioritize their cybersecurity efforts and choose appropriate controls within their budgets to keep critical data safe,” said Steve Dickson, CEO of Netwrix.