sb-au logo
Story image

Businesses underutilising cloud security due to lack of education and training

Demand is high for cloud security access brokers (CASB), but more training and clear goals are needed to ensure companies get full effectiveness of products.

This is according to the Cloud Security Alliance’s (CSA) latest survey, commissioned by Proofpoint, The Evolution of the CASB.

The study queried more than 200 IT and security professionals from a variety of organisation sizes and locations, examined the expectations, technical implementations, and challenges of using cloud security access brokers (CASB).

The results show there are unrealised gaps between the rate of implementation or operation and the effective use of the capabilities within the enterprise, CSA states.

According to the report, while nearly 90% of the organisations surveyed are already using or researching the use of a CASB, half (50%) don’t have the staffing to fully utilise cloud security solutions, which could be remediated by working with top CASB vendors.

In addition, more than 30% of respondents reported having to use multiple CASBs to meet their security needs and just over one-third (34%) find solution complexities an inhibitor in fully realising the potential of CASB solutions.

Overall, CASB’s perform well for visibility and detecting behavior anomalies in the cloud but have yet to become practical as a tool for remediation or prevention.

Additionally, the report found that when it comes to utilising CASB’s, of those surveyed 83% have security in the cloud as a top project for improvement, and 55% use their CASB to monitor user behaviors, while 53% use it to gain visibility into unauthorised access.

Furthermore, 38% of enterprises use their CASB for regulatory compliance while just 22% use it for internal compliance; and 55% of total respondents use multi-factor authentication that is provided by their identity provider as opposed to a standalone product in the cloud (20%).

Cloud Security Alliance lead author and research analyst Hillary Baron says, "CASB solutions have been underutilised on all the pillars but in particular on the compliance, data security, and threat protection capabilities within the service.

"It’s clear that training and knowledge of how to use the products need to be made a priority if CASBs are to become effective as a service or solution."

Proofpoint vice president of product marketing Tim Choi says, "To overcome the gaps uncovered in this Cloud Security Alliance survey look for a solution that is part of a larger security portfolio and can effectively address the people-centric cloud security concerns on cloud account compromise, cloud data loss prevention, and cloud application compliance and visibility.

"It’s critical that the journey starts with clear goals in mind and prioritised objectives. In addition, identifying CASB solutions that provide a deployment model that can be operationalised in hours, not weeks leads to faster time to value."

Story image
Jamf extends Microsoft collaboration with iOS Device Compliance
Organisations will soon be able to use Jamf for Apple ecosystem management while using Azure Active Directory and Microsoft Endpoint manager to maintain conditional access.More
Story image
Proofpoint enhances security awareness training platform
Available in Q4 2020, the platform will integrate more closely with Proofpoint’s best-in-class threat intelligence.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Link image
Data is an organisation's most significant asset - here's how to protect it
Data resilience strategies are becoming more crucial as more value is ascribed to a company's data. If it's not stored securely and cost-effectively, expect problems.More
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
Report: Rushing into cloud migration directly related to security issues
A new report from Radware highlights the impact of COVID-19 on organisations compelled to digitally transform in order to maintain business continuity. More