Nearly three-quarters of surveyed professionals say concerns regarding data security prevent their organizations from adopting cloud services. And more than half of the respondents say their own services are more secure than those offered by cloud providers.
These are among the findings of the new 2012 Cloud Security Survey. Join a distinguished panel of cloud computing experts for the first look at the findings of this perceptive study and how organizations can improve the security of their cloud computing initiatives, including:
Understanding risks cloud computing presents;
Mitigating these risks;
Steps to take to employ cloud computing securely and effectively
What are organizations' top cloud security concerns, and how are security leaders addressing these concerns through policy, technology and improved vendor management?
This is the key question posed by the 2012 Cloud Security Survey.
No longer just an emerging technology practice, cloud computing today is embraced globally as a means of gaining efficient access to critical applications, processes and storage. It's now common for organizations to rely on cloud service providers for functions and business applications such as customer relationship management, messaging or storage via a public, private or hybrid cloud. Further, industry-specific cloud-based applications such as electronic health records or mobile banking and payment applications are emerging at an unprecedented pace.
But these engagements come with questions about risks:
What are your cloud service provider's security and privacy measures, and have they been audited?
Where geographically is cloud data being stored, and how do operational practices comply with government, industry and organizational privacy regulations?
How is a multi-tenant cloud environment managed, and in the event of system compromise - what will be the incident response escalation process?
Yes, cloud computing is about efficiencies and new technologies, but it's also about security, privacy and an organization's reputation.
The 2012 Cloud Security Survey was crafted with assistance from leading experts in cloud computing, security and privacy, with a mission to:
Chart the latest cloud trends, including types of cloud implementations most common by industry and region;
Gauge organizations' top cloud security concerns, from vendor security to data governance and breach preparedness;
Predict the top areas of investment for organizations most concerned about cloud security.
This webinar will draw upon survey results and expert insight from a special roundtable panel to discuss:
Top Security Concerns - Are organizations more concerned about where their data is stored, or whether a malicious insider might be a threat to it?
Success Factors - On a scale with cost savings and availability of services, how does security now rank among elements critical to a successful cloud computing implementation?
Protective Measures - What are some of the practices organizations are employing, from instituting more stringent contracts to enforcing third-party audits and even participating in mock security exercises with cloud service providers?
Chabrow hosts and produces the semi-weekly podcast ISMG Security Report and oversees ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.
Shareholder, Greenberg Traurig
Gilbert is the Founder and Managing Director of the IT Law Group, a niche law firm, based in Palo Alto, which focuses on information privacy and security, cloud computing and data governance. She advises MNCs, global companies, selected start-ups and non-profit organizations on complex issues related to evaluating and strategically managing the privacy and security of personal data in various environments, at the domestic level and worldwide. An internationally recognized thought leader and expert in privacy and data protection law, Gilbert was named "2014 San Francisco Lawyer of the Year for Information Technology Law" by the Best Lawyers in America. For several years, the prestigious Chambers USA and Chambers Global, The Best Lawyers in America, and the Who's Who in E-Commerce have recognized her as one of the leading lawyers in the field of information privacy and security.
former Dir. of Incident Response, Expedia; Principal Consultant, Public Sector Cyber Security Contracting Services
David Matthews has worked in the information technology (IT) field since 1992. In early 2005 he was selected to be the first Deputy CISO for the city. In his work for the city he developed and created an incident response plan that is compliant with the National Incident Management System (NIMS)/Incident Command System (ICS); updated and extensively rewrote the city's information security policy; and created and taught training courses on information security and forensics. He most recently created an IT primer for the city's law department as part of his collaboration with them on e-discovery issues.
Matthews is the public-sector co-chair of the U.S. Computer Emergency Readiness Team (US-CERT)/Department of Homeland Security (DHS) sponsored North West Alliance for Cyber Security (NWACS). With NWACS he has worked with the Pacific Northwest Economic Region (PNWER) nonprofit to sponsor information security training for Supervisory Control and Data Acquisition (SCADA) operators and managers.He is also the chair of the local Critical Infrastructure Protection subcommittee of the Regional Homeland Security team, and also is a member of the American Bar Association's Science and Technology and Electronic Discovery committees.
David holds the titles of Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Digital Recovery Forensics Specialist (DRFS), and CyberSecurity Forensic Analyst (CSFA).
IT/CTO, NASA's Jet Propulsion Laboratory
Soderstrom's mission is to identify and infuse new IT technologies into the environment at JPL, a NASA unit managed by the California Institute of Technology. Soderstrom has sponsored JPL's initiatives to bring secure social-networking, virtual-world, virtualization and cloud computing technologies into effective use at the NASA unit. He's a frequent producer and consumer of advanced collaboration and engineering tools and practices. Before joining JPL in 2003, Soderstrom served as director of Western operations for Raytheon Technical Services Co.