The Challenges of Data Security and Sovereignty in a Multicloud World
If there’s a dominant theme that the data from the 2023 Thales Global Cloud Security Study conveys, it’s that the world has become cloud-first and multicloud and that it’s more complex to secure the cloud. The latest edition of the survey of nearly 3,000 respondents in 18 countries explores challenges of security in cloud environments that have become a critical element in modern, digital infrastructure and services. While there has been improvement in the overall cloud security posture from the previous year, there is still work to be done to simplify and secure cloud operations, especially when it comes to addressing human error. Multicloud operations bring with them operational complexity, something that needs to be tamed to secure cloud environments efficiently and effectively.
Analysis from S&P Global Market Intelligence, based on a survey of nearly 3,000 security professionals worldwide
2023 Thales Cloud Security Study – Global Edition
The study shows that organizations are operating in a dynamic multicloud landscape, demanding seamless and efficient access to on-demand IT infrastructure and services.
Multicloud is a reality.
The average number of cloud infrastructure providers well above two (2.3). More than three quarters (79%) of this year’s respondents have more than one cloud provider.
We’re only human:
Human error is the leading cause of cloud data breaches
Well ahead of exploitation of vulnerabilities, the second highest at 21%.
Securing data in the cloud is seen as becoming more complex.
It has increased to 55% from 46% just two years ago.
Dramatic increase in sensitive data reported in the cloud.
75%of respondents report that 40% or more of their data in the cloud is sensitive, up from 49% in 2021.
SaaS usage is growing.
97The reported use of SaaS applications has expanded, with the mean rising to 97 applications, increasing the number of points of use where data must be secured.
SaaS applications garnered the most votes as the leading targets for attackers (ranked first as a target by 38%), followed closely by cloud-based storage (ranked first as a target by 36%).
Digital sovereignty issues around cloud usage loom large on multiple fronts.
Respondents report high use of cloud provider-dependent encryption key management, alongside growing concerns about sovereignty mandates.
83%are concerned about impacts of sovereignty on cloud deployments.
Treating cloud environments as an extension of existing infrastructure while maintaining exclusive control and security of data, especially sensitive data, is key to cloud security. Customer control of encryption keys is essential as it allows organizations to leverage the scalability, cost efficiency, and accessibility benefits of the cloud while ensuring the utmost integrity and confidentiality of their valuable information."