sb-au logo
Story image

Businesses underutilising cloud security due to lack of education and training

Demand is high for cloud security access brokers (CASB), but more training and clear goals are needed to ensure companies get full effectiveness of products.

This is according to the Cloud Security Alliance’s (CSA) latest survey, commissioned by Proofpoint, The Evolution of the CASB.

The study queried more than 200 IT and security professionals from a variety of organisation sizes and locations, examined the expectations, technical implementations, and challenges of using cloud security access brokers (CASB).

The results show there are unrealised gaps between the rate of implementation or operation and the effective use of the capabilities within the enterprise, CSA states.

According to the report, while nearly 90% of the organisations surveyed are already using or researching the use of a CASB, half (50%) don’t have the staffing to fully utilise cloud security solutions, which could be remediated by working with top CASB vendors.

In addition, more than 30% of respondents reported having to use multiple CASBs to meet their security needs and just over one-third (34%) find solution complexities an inhibitor in fully realising the potential of CASB solutions.

Overall, CASB’s perform well for visibility and detecting behavior anomalies in the cloud but have yet to become practical as a tool for remediation or prevention.

Additionally, the report found that when it comes to utilising CASB’s, of those surveyed 83% have security in the cloud as a top project for improvement, and 55% use their CASB to monitor user behaviors, while 53% use it to gain visibility into unauthorised access.

Furthermore, 38% of enterprises use their CASB for regulatory compliance while just 22% use it for internal compliance; and 55% of total respondents use multi-factor authentication that is provided by their identity provider as opposed to a standalone product in the cloud (20%).

Cloud Security Alliance lead author and research analyst Hillary Baron says, "CASB solutions have been underutilised on all the pillars but in particular on the compliance, data security, and threat protection capabilities within the service.

"It’s clear that training and knowledge of how to use the products need to be made a priority if CASBs are to become effective as a service or solution."

Proofpoint vice president of product marketing Tim Choi says, "To overcome the gaps uncovered in this Cloud Security Alliance survey look for a solution that is part of a larger security portfolio and can effectively address the people-centric cloud security concerns on cloud account compromise, cloud data loss prevention, and cloud application compliance and visibility.

"It’s critical that the journey starts with clear goals in mind and prioritised objectives. In addition, identifying CASB solutions that provide a deployment model that can be operationalised in hours, not weeks leads to faster time to value."

Story image
Why a more secure organisation is a collective responsibility
With vast volumes of data moving to the cloud, many IT professionals are frequently challenged to protect their enterprise environment, and there is a greater focus being placed on advancing cybersecurity strategies.More
Story image
Pandemic sees organisations of all sizes and industries invest in CTI
There is opportunity for organisations to better manage their cyber-threat intelligence for greater security and threat intelligence effectiveness by adopting the right tools and processes.More
Story image
Dell Technologies unveils new data protection innovations for hybrid cloud workloads
The Dell EMC PowerProtect Backup Service, powered by Druva, is designed to deliver SaaS app protection without increasing IT complexity.More
Story image
5G network security a US$9 billion dollar opportunity - report
The cloud-native nature of 5G networks will have a disruptive and positive impact on the cybersecurity industry in the next few years, with 5G network security presenting a US$9 billion enterprise market opportunity by 2025.More
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
Microsoft Exchange breach a wake-up call to ditch the server
"There are owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."More