Cloud Security: Unleashing Key Benefits | Gartner
source link: https://www.gartner.com/en/cybersecurity/topics/cloud-security
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Evaluate cloud security controls using outcome-driven metrics
As the use of cloud services continues to grow worldwide, a shift in security approaches and technologies is underway. Security and risk management leaders need a different spending model backed by business-relevant metrics.
Use this research to:
Balance cloud security investments with business-relevant outcomes.
Define outcome-driven metrics to assess cybersecurity results.
Ensure your investment reflects the level of protection it achieves.
Understand and mitigate cloud security risks
Cloud computing has many advantages, such as sharing storage and resources, but can also lead to cloud security risks. Learn how to manage those risks to protect data and intellectual property.
- Is the Cloud Secure?
- Cloud Security Risks
- Risks by Type & Model
- Mitigating Cloud Risks
Public cloud security breaches are very rare
Cloud use does not result in higher security or continuity failure. It appears to be the opposite. Customer error accounts for most breaches. Properly used, cloud computing is safe and secure.
The strong security delivered by cloud service providers (CSPs) is due to:
Scale — Delivering service to multiple organizations enables cloud providers to invest in resilience and security.
The ability to dynamically allocate resources — Cloud providers can deliver encryption, authentication and filtering across their services.
Competition between vendors — Strong security is a differentiator for providers within a competitive market.
Standardization of security processes — As providers mature and obtain certifications such as ISO27001, client organizations can potentially replace legacy security technologies without incurring capital expense.
Fewer than 20 globally active CSPs provide the majority of worldwide cloud processing. “Tier 1” CSPs are characterized by over a decade of reliable service and market dominance. When it comes to security, they provide world-class levels.
Second- and third-tier CSPs are somewhat riskier, as evidenced by several data leaks and ransomware incidents that have affected customer organizations in recent years.
That is not to say that there are no risks to using the cloud. Rather, these risks are not limited to cloud security. Many are connected with relinquishing control over governance and compliance. In order of impact, the top risks include:
Wasted employee time
Overspend
Agility risk/technology debt
Slow time and downtime
Security exposure and data leakage
Compliance and audit complications
Program risk
To start assessing cloud security, organizations should look at the following factors:
Internal or external — The physical location of your organization’s data.
Proprietary or open — The ownership of the cloud technology, services and interfaces and the degree of interoperability and transportability between them.
Perimeterized or deperimeterized — Whether security protections are in place at the data level or through a traditional, infrastructure-based perimeter.
Insourced or outsourced — Whether a third party or your own staff deliver cloud services.
Drive stronger performance on your mission-critical priorities.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK