Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • The Security Leadership Issue
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Cloud computing is a bonanza – but security lags

By Robert R. Ackerman Jr.
cloud-computing-freepik
July 1, 2021

The explosion of high-profile ransomware attacks has been dominating the news in the IT sector of late, but most of the time – and for years, not weeks or months – the subject of cloud computing has been front and center. Everywhere you turn in the IT world, people are buzzing about the cloud this and the cloud that.

And no wonder. According to Gartner, by next year up to 60 percent of organizations will rely on a cloud-managed service offering – double the number as recently as 2018. And the growth is showing zero signs of slowing. According to ResarchandMarkets.com, the global cloud computing market is predicted to grow from $371 billion last year to $832 billion by 2025. That’s a sizzling compound annual growth rate of 17.5 percent.

This isn’t really surprising. Time and again, we hear that cloud computing offers enterprises more reliability, scalability and flexibility, removing the hassle of maintaining and updating systems and thus giving companies more time to focus on core business strategies.

It’s also commonly said that security in the cloud is better. On this point, however, a rethink is in order because this premise is at best questionable. Consider, for instance, a survey by Clutch, a Washington-based enterprise computing research firm, which found that nearly two-thirds of IT pros say that the cloud is more secure than legacy systems.

This makes the other third skeptics, and there are hints that even cloud security boosters are cautious about how bullish they really are. Specifically, 28 percent of survey respondents feel cloud computing is “somewhat more secure” as opposed to “much more secure.”

More telling, perhaps, is that the majority of the 300 Clutch survey respondents don’t entirely trust their chosen vendor. Three quarters of them said they add in their own security on top of the vendor’s solution.

Fact is, security in the cloud needs improvement. The problem is that cloud service providers treat cloud security as a shared responsibility with their customers. And while cloud purveyors typically hold up their end of the bargain, many customers do not. Human error among cloud customers is rampant. Gartner has said that at least 95 percent of cloud security failures will be the fault of customers starting next year.

“Migrating IT infrastructure to the cloud means enterprises must evolve their approach to cybersecurity,” says Tim Eades, CEO of vArmour, a Silicon Valley-based cloud security company. “They must adopt a zero trust mindset.  This assumes the likelihood of multiple points of failure and helps confront it.”

Cloud customers clearly need help, and the onus is on cloud purveyors to provide it. Says a Gartner report: “CIOs (and other IT pros) must change their line of questioning from “Is the cloud secure?” to “Am I using the cloud securely?’

Misconfigured cloud settings have caused multiple incidents of data exposures at Amazon Web Services, the biggest cloud purveyor.  In addition, a misconfiguration error in Microsoft’s Azure cloud relatively last year exposed 250 million technical support accounts.

What can be done to fix such problems?

One answer is the adoption of more cryptography. Some public cloud purveyors offer some encryption as an option, sometimes by default, and hopefully others will decide to do the same thing. Also likely to be helpful is new, cutting-edge encryption technology.

I’ll discuss the latter momentarily. First, however, let’s address the miscommunications issue. While Amazon, Microsoft and other cloud companies handle security for their data centers, it is customers who must actually implement the required defenses. There is insufficient sharing of responsibility. If cloud customers don’t protect their own networks and applications – too often the case -- cloud security is undermined.

Exacerbating the problem is the fact that enterprises are increasingly adopting multi-cloud environments and too often lack awareness of all the cloud services at their disposal, according to a study by McAfee. In short, they’re setting themselves up for accidents waiting to happen.

This is a management issue, and should be fixable. The adoption of more cryptography, meanwhile, is a technology issue, and one that can’t be addressed as quickly. Inroads, however, are being made.

One young company, born out of research done at MIT, is developing end-to-end encryption that could redefine cloud-based cybersecurity in a way that doesn’t interfere with workflows while still enabling popular cloud-based machine learning applications. Another startup has developed a secure web gateway in the cloud as a software-as-a-service. Cybersecurity protection is decentralized, enabling data to flow back and forth from a public cloud rather than redirecting it to clients’ own physical data centers, where problems can crop up.

Yet another form of encryption making progress is homomorphic encryption (HE), which makes it possible to analyze or manipulate encrypted data without revealing the data to anyone, offering huge potential in areas with sensitive personal data, such as financial services or healthcare. The adoption of this technology is attracting more attention and generating progress at huge technology companies. 

For now, here are some security tips for companies moving to public and even multi-cloud environments:

  • Make sure none of the components of security fall through the cracks. Overseeing the performance of the respective responsibilities of both cloud purveyors and their customers is essential.
  • Ensure that only authorized users can access data. This is critical to prevent tampering by anyone inside or outside the organization.
  • Insist that your cloud service provider conducts thorough background checks on employees. This is especially important if they have physical access to data center servers.
  • Lastly, bear in mind that you’re tied tightly to any particular cloud provider, for better or worse. Switching is difficult. Do everything possible to choose the right one in the first place.

It’s important to recognize that many, if not most, of the security issues in cloud computing are a byproduct of the unchecked growth of the cloud. Providers, not customers, are liable for any breaches. If necessary, they should slow their growth for a while to prioritize the repair of festering problems. If security gets further out of control, there is no question that cloud growth will slow anyway.

This article originally ran in Today’s Cybersecurity Leader, a monthly cybersecurity-focused eNewsletter for security end users, brought to you by Security Magazine. Subscribe here.

KEYWORDS: cloud security cyber security ransomware risk management

Share This Story

Bob ackerman

Robert R. Ackerman Jr. is founder and managing director of AllegisCyber Capital and co-founder of cyber startup foundry DataTribe. He was the first investor to create a venture fund focused exclusively on cybersecurity and data science and has been investing in cybersecurity for more than 15 years in the U.S. and select international markets. 

Blog Topics

Security Blog

On the Track of OSAC

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog

Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Fountain pen

Trump Administration Executive Order Changes Cybersecurity Policy

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!