The use of cloud services was analyzed in a recent report by the Cloud Security Alliance. The survey found that while the use of cloud services is increasing, the pace of adoption is dependent on the speed at which cloud service providers (CSP) and financial services can meet security and operational expectations as well as demonstrate adherence to regulations.
- Cloud adoption continues to increase within the financial services sector with 98% of respondents reporting that their organization is using some form of cloud computing. This is up from 91% in 2020.
- Multi-cloud is the new reality for financial services with 57% of organizations surveyed reporting they currently use multiple cloud service providers (CSPs) for their IaaS/PaaS needs.
- Zero trust was cited as the top priority by respondents, followed by cloud regulation, multi-cloud management and shared security responsibility.
- The majority of financial services use cloud computing for regulated data with 59% saying they store or process regulated banking information within cloud services, and 25% having no future plans to do so. However, 28% of respondents said they are using public cloud services for the majority of their regulated workloads, an 18% increase from 2020.
- 91% of respondents reported their concern with security and operational issues resulting from CSP-initiated cloud service changes as high or medium.
- 9% of respondents felt that they had a highly robust cloud security program.
- 65% of those surveyed use the Cloud Controls Matrix (CCM) and Continuous Assessment Initiative Questionnaire (CAIQ) to demonstrate adherence to frameworks, establish internal cloud security controls framework and establish an internal cloud risk management approach.