U.S. Lags in Cloud Computing Adoption, While Info Security Threats Expand

Expect More Organized Criminals to Get Involved

One of the big take aways from ISC West, now happening in Las Vegas, is the growth of software as a service, video software as a service, access control as a service and cloud computing applications.

So it is somewhat surprising that, from Tata Consultancy Services, comes a new study with an eye opening finding: that the United States and Europe lag behind the rest of the world in cloud computing adoption. This is surprising because many of the companies that have been driving and leading the cloud computing phenomenon are mostly U.S. based, such as Amazon Web Services, Google, IBM, RackSpace, Microsoft, Apple, and Oracle. There also are many U.S. vendors offering Software as a Service options.

That was not the only surprise to come out of the study. The other is that many, if not most, companies, particularly in the midsize space, expect to have large portions of their corporate applications in the cloud within the next two years.

Of course, one cloud concern is security. But, overall, information security threats more generally are a growing problem.

For example, in another information technology report, the range and complexity of information security threats is set to rise significantly over the next two years and organizations that fail to prepare now will struggle to handle the challenges later. This forecast is according to Threat Horizon 2014: Managing Risks When Threats Collide, the latest in a series of Threat Horizon reports from the Information Security Forum, a global, independent information security body considered a leading authority on cyber security and information risk management.

The report challenges the traditional approach to managing security risks, which has typically fallen to the information security function, and recommends that organizations take a much more strategic and business based approach to risk management. To take advantage of both technology and cyberspace, organizations must manage new risks beyond those traditionally covered by the information security function, including attacks on reputation and all manner of technology.

While individual threats will continue to pose a risk, there is even more danger when they combine, such as when organized criminals adopt techniques developed by online activists, says Steve Durbin, Global Vice President, ISF. Traditional risk management is insufficiently agile to deal with the potential impacts from activity in cyberspace. While executives recognize the benefits and opportunities cyberspace offers, their organizations must extend risk management to become more resilient, based on a foundation of preparedness. We are advising our members that this is the year of resilience and to be prepared to move at the speed of a Tweet, he adds.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.