Security preparedness key to moving faster in the cloud

Many business leaders around the country are waking up to the fact that cloud is central to their organisation’s business model. This is evident from cloud adoption figures which Global Data shared recently, tipping cloud adoption in Australia could grow by 12.5% to reach $14.1bn in 2025.

This estimated growth in my view also brings immense challenges. Australia is witnessing a time when companies are experiencing complex and severe cyber attacks within the cloud. There is no doubt that successful cloud migrations can deliver tangible business benefits, but will businesses continue to see these benefits if serious consideration is not given to cloud security?

Security is key but cloud security preparedness is declining

To explore this, Telstra Purple commissioned research in partnership with Omdia to help better understand how leading Australian executives are leveraging cloud technology for resilience, innovation and business transformation. The State of Cloud, Edge and Security in Australia 2022–23 report found that security remains key to moving faster into cloud adoption. This could mean future cloud migrations may be impacted, due to the possible threats posed by complex cyber attacks.

The research showed that public cloud systems of those surveyed have been the most attacked surface. Of the cybersecurity incidents last year, 64% impacted public cloud assets of the participants and 56% of firms also saw a rise in hybrid cloud attacks.

The top technology concerns identified by participating executives that could impact cloud innovation were:

• Cyber attacks (44% of executives)
• Data breach or data loss (36%)
• Cloud networking security risks (33%)
   

The top business concerns impacting security of those surveyed were:

• Rising security costs (29% of executives)
• Privacy breaches (26%)
• Data integrity and data loss (23%)
   

Increasing complexity, impact on broader organisation and risk, and business continuity risks were also concerns reported by executives.

Compounding these issues, the research showed preparedness for cloud security may be declining compared to last year, which is surprising given the current landscape as it might be assumed it should be trending upwards. Only 39% of Australian firms who participated in the study reported they are ‘very prepared’ for cloud security, down from 44% a year ago.

Exploiting the full potential of the cloud

Exploiting the full potential of the cloud necessitates an elevation of cloud security. Expertise in cloud and cybersecurity can play a mediating role in cloud security challenges. However, respondents in our research reported skilled security specialists with requisite certifications and real-world experience can be expensive, in short supply and difficult to retain.

Therefore, many executives we spoke with are bringing in select partners to access professional services, consulting and managed services to help them develop a more precise cloud security strategy, better utilise cloud-native security tools and address staff constraints.

In addition, cybersecurity could be treated as a fundamental pillar of business growth. Local leaders were asked about the relative level of maturity, understanding, engagement and support from their board of directors. In the scorecard, 36% were rated ‘excellent’, 47% ‘adequate’ and 17% were found ‘lacking’. The bottom line taken from this is that there needs to be mutual education and understanding between CISOs, CIOs and the board on cyber risk.

Building a better cloud strategy

To move forward, cybersecurity investments could accompany cloud-led innovation. Fundamentally, it could help if leaders build cloud-specific security considerations into their cloud strategies, spanning design through to migration and cloud management covering both public and private clouds.

Successful cloud migration plans usually emphasise application performance, cloud-native solutions and operating model changes (eg, DevOps). They also often recognise the critical role of a good network. Network performance has become one of the paramount decision factors in the choice of cloud partners according to our report. The report also found that leaders increasingly recognise that a secure, well-designed and tightly managed network is essential to the scalability, resiliency, security and application performance of any cloud deployment for critical applications.

Cloud attacks are increasing, and security may be the primary constraint to cloud migration for many businesses, and preparedness was reported as declining. Moving forward, we believe businesses could look to elevate cloud security in order to maximise cloud investments for their business growth.

Image credit: iStock.com/Oleh Svetiukha