GCC businesses fret over cloud, application security
More applications and workloads moving to the cloud, but a third of UAE companies admit to a security breach: Palo Alto survey
As a result of automation and cloud services integration advancements, effective next-generation security measures can now be easily applied, without causing administrative friction.
This is one of the findings of Palo Alto’s 2017 cloud security survey, released to coincide with the Palo Alto Networks Cybersecurity Summit 2017 in Dubai.
The notion that security is a bottleneck to embracing any cloud model is a thing of the past, the report adds.
The survey interviewed over 1,000 IT decision-makers in the United Arab Emirates and Saudi Arabia, in a bid to explore the state of cloud adoption and security amongst organisations in the region.
UAE-based CIOs agree: cloud security is a top priority. On a scale of 0-10, with 10 being “very important”, cloud security ranked as an 8 or higher by the majority of UAE CIOs (56 percent), according to the Palo Alto Networks survey. Market figures back this up, with research firm IDC forecasting information security spend across the Middle East, Turkey and Africa to reach a record high of US$2 billion in 2017.
Organisations are rapidly adopting cloud technologies, and moving applications and data into a diverse set of cloud offerings, spanning public cloud, private cloud, hybrid cloud and SaaS. In the UAE, a shift towards digitalization, Internet of Things and cloud computing is boosted by ambitious mega-projects and initiatives, such as UAE Vision 2021, that are expected to have positive impact on the country’s IT services market.
The Palo Alto Networks survey found that more than two-thirds of respondents (70 percent) in the UAE indicated that they have 1 to 10 cloud-based applications, with 15 percent and 9 percent stating that they had 11 to 20 and more than 21 applications, respectively. Private cloud is the most popular cloud computing solution amongst enterprises in the UAE, with 26 percent of respondents stating their company has adopted this. Fifteen percent of respondents preferred the public cloud, and a further 16 percent stated that they did not have any cloud computing solutions deployed, but they planned to make the shift to the cloud in the near future.
“As more organisations move to the cloud to take advantage of increased operational efficiencies and lower costs, security needs to keep pace with the new dynamic environments in which businesses operate. Customers need a holistic, integrated and automated approach across their entire architecture from the network and data centre to the cloud,” comments Ercan Aydin, regional vice president of Emerging Markets at Palo Alto Networks.
With 46 percent of respondents admitting to having experienced a security incident, or being unsure if an incident has taken place, security vigilance needs be a top priority when it comes to the cloud. Of those surveyed, more than 50 percent stipulated that firewall (60 percent) and password protection (63 percent) were among the top security systems that their companies deploy to protect themselves against security breaches, indicating that there is a lack of understanding when it comes to securing applications and data in the cloud. Regardless of the size of the organization, a prevention-focused, natively engineered security platform that is simple to deploy and scalable to meet future growth demands is ideal.
“Security breaches and vulnerabilities make the headlines too often these days, and this could threaten trust in the digital age. With workloads and data increasingly distributed across physical and cloud computing environments, organizations need to have security in place that provides visibility, control and prevention of known and unknown threats, and which protects data, regardless of where it resides,” concludes Aydin.