CIOs do not test cloud security solutions

News by SC Staff

Fewer than half of CIOs have tested security systems and procedures provided by cloud vendors.

Fewer than half of CIOs have tested security systems and procedures provided by cloud vendors.

According to a survey of 100 CIOs, 45 per cent said that they test the security systems and procedures provided by cloud vendors, yet that security issues remain the biggest concern for migration of systems to the cloud, with 84 per cent of respondents either concerned or very concerned about cyber security.

Of those surveyed, 54 per cent said that they were ‘somewhat concerned' while 30 per cent said that they were ‘very concerned'. However 11 per cent of CIOs said that they not taking any proactive action to address cyber security, while 12 per cent said that they were ‘not concerned' about cyber security.

Ryan Rubin, UK director of risk consultancy Protiviti, who conducted the survey with parent Robert Half, said: “These statistics indicate that either there is an inherent trust in cloud service providers; that they have good security governance in place or there is a lack of visibility of potential risks associated with using them.

“However, there is also a potential risk that CIOs are not always involved in the overall business making decision to procure cloud services – limiting their ability to carry out effective due diligence before these services are adopted.

“Since an increasingly higher percentage of IT security breaches involve third parties, gaining assurance from cloud providers is critical to managing information security risk. Whilst companies may migrate IT towards cloud providers in an attempt to reduce costs, they cannot outsource their information security risks.

“Unless adequately managed, the cost of security breaches - either regulatory and or legal - may outweigh the perceived benefits of moving into the cloud.”

Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events