SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
As digital transformation grows in ANZ companies, misconceptions about their role in cloud security abound
Tue, 19th Jan 2021
FYI, this story is more than a year old

Digital transformation is growing speedily in Australia and New Zealand, but many newcomers to emerging technologies may be unsecured, according to new research from Trend Micro.

While an 81% majority of ANZ organisations are accelerating their digital transformation, a giant 99% of surveyed respondents say they believe their cloud security provider provides enough protection.

These figures confirm a simple misconception that can lead to serious security consequences, says Trend Micro: while cloud infrastructure is secure, customers are responsible for securing their own data — which is the basis of the Shared Responsibility Model for cloud.

The figures also clash with another statistic gleaned from the study: 86% of respondents in the ANZ say they are confident they understand their cloud security responsibilities. Despite this, less than half (47%) can say they are ‘very' confident in securing their organisation's part of the cloud-based responsibility model.

“It's evident organisations in Australia and New Zealand are embracing digital transformation and adopting the cloud at an accelerated rate,” says Trend Micro commercial vice president for ANZ Ashley Watkins.

“While this progression is great to see, our findings indicate there is a clear disconnect in the understanding of the cloud shared responsibility model which could result in exposure to reputational and financial damage.

The disparities between the statistics suggest that there may be significant coverage gaps and confirm that the shared responsibility is not understood, Watkins says.

According to the research, misconfigurations are the top risk to cloud environments, which can also come about as a result of confusion regarding the Shared Responsibility Model.

“There are plenty of solutions an organisation can consider implementing to ensure they are tapping the power of cloud adoption and building a solid foundation for digital transformation” continues Watkins.

“Despite the challenges faced by ANZ organisations, there are ready, easy-to-use products available on the market which will address privacy concerns, support compliance, and ultimately avoid unnecessary risk.

The surveyed ANZ organisations seem to be confident in their cybersecurity posture in the cloud, as:

  • 40% claim the acceleration in cloud migration has increased their focus on security best practices
  • 85% believe they are fully or mostly in control of securing their remote work environment
  • 82% believe they will be fully or mostly in control of securing their future hybrid workplace.

Despite this confidence, many respondents in ANZ also admitted to experiencing security-related challenges:

  • 55% said that security is a 'very significant' or 'significant' barrier to cloud adoption
  • Patching (41%), setting consistent policies (39%), and lack of integration with on-premise security technologies (36%) were cited as the top three day-to-day operational headaches of protecting cloud workloads
  • Lack of integration with on-premises security technologies (43%), data privacy (38%) and compliance (28%) were reported as significant barriers in migrating to cloud-based security tools.