A new survey charting the priorities of information security professionals found a shift in enterprise companies' approach to private and public cloud infrastructure. The report, published by Enterprise Strategy Group (ESG) and vArmour, noted that enterprises are moving toward a hybrid cloud model.

The study found that 57 percent of professionals said their organisation uses both public and private cloud infrastructure to support production applications and workloads, while 39 percent of survey participants said their organisation uses only private cloud infrastructure, and just four percent of those surveyed said their organisation uses only public cloud infrastructure.

The move towards a hybrid cloud model creates a unique set of security concerns, Jon Oltsik, senior principal analyst at ESG, told SCMagazine.com. More than four out every of five participants surveyed (81 percent) said they plan to deploy micro-segmentation within the next six to 12 months.

The report found that 21 percent of participants said extensibility is a primary motivation for their organisation's decision to adopt cloud computing, while 21 percent of participants rated scalability (the ability to scale up or down with cloud resources) and 20 percent said infrastructure-agnostic (independent of underlying IT infrastructure) as a primary motivation for adopting cloud computing.

The findings also shed light on the tension between information security professionals and C-suite executives. C-suite expectations are set by the culture of rapid deployment of revenue generating applications that emerged from cloud technologies, he said. “Information security has to catch up.”