A recent report suggests that the public sector is struggling with the complexity of managing cloud security.
The 2024 Thales Cloud Security Study shows that more than half (51 percent) of worldwide public sector organisations believe that managing cloud security risks is more complex compared to on-premise environments.
Forty-four percent reported having experienced some cloud data breach, with 14 percent experiencing one in the last 12 months. On average just 51 percent of their employees use strong authentication to access cloud applications or SaaS.
If you liked this content…
In general, the research indicated that cloud resources have become the biggest targets for cyberattacks, with SaaS applications (31 percent), cloud storage (30 percent) and cloud management infrastructure (26 percent) cited as the leading categories of attack. As a result, protecting cloud environments has risen as the top security priority ahead of all other security disciplines.
“The scalability and flexibility that the cloud offers is highly compelling for organisations, so it’s no surprise it is central to their security strategies. However, as the cloud attack surface expands, organisations must get a firm grasp on the data they have stored in the cloud, the keys they’re using to encrypt it, and the ability to have complete visibility into who is accessing the data and how it being used. It is vital to solve these challenges now, especially as data sovereignty and privacy have emerged as top concerns in this year’s research,” said Sebastien Cano, SVP for cloud protection and licensing activities at Thales.
The company said that as organisations gain more experience in using cloud computing, many have modernised their investments to meet new security challenges. For those that prioritised digital sovereignty as an emerging security concern, refactoring applications to logically separate, secure, store, and process cloud data was the top way they would attain or achieve sovereignty initiatives. This is ahead of other measures such as repatriating workloads back to on-premise or in-territory. Future-proofing cloud environments (31 percent) was the number one driver behind digital sovereignty initiatives, while adhering to regulations came in at a distant second at 22 percent.
