In 2023, cloud computing has become commonplace across tech and non-tech organizations around the world. Over the past two years, it has cut out the middleman — expensive local infrastructure needed for computer applications — and has accelerated the growth of some of the most significant recent technological advances, including driving major improvements in artificial intelligence (AI), the Internet of Things (IoT), and remote and hybrid working.
But are organizations prepared for public clouds?
According to the 2023 Thales Cloud Security Study, which surveyed nearly 3000 respondents across 18 countries, over three-quarters of respondents now rely on more than one cloud provider. The average organization uses 2.26 infrastructure providers, a 35% increase since 2021. In 2021, 16% of respondents' organizations used 51-100 SaaS applications; by 2023, this percentage increased to 22% for 97 average SaaS applications.
So what's the problem?
Multi-cloud adoption is becoming increasingly complex — and most organizations are failing to keep up.
Cloud complexity
Multicloud adoption has brought operational complexity, making the management and security of data in the cloud more difficult. Between 2021–2023, the number of respondents feeling the effects of this complexity arose from 46% to 55%.
This makes more sense when you consider the way organizations choose to store encryption keys. Only 14% of respondents said they controlled all their encryption keys in their cloud environment, while nearly two-thirds said they used five or more key management systems, which is difficult to believe from a complexity perspective. It's no wonder organizations are struggling to keep track of their data.
Cloud data concerns
There is more data stored in the cloud than ever. However, more interesting is how much more sensitive data organizations are storing in the cloud. Three-quarters of respondents report that 40% of their data is sensitive, a 16% increase since 2021.
However, many organizations still aren't giving cloud security the necessary attention. Less than half of their overall cloud data is encrypted, and only 22% of respondents reported that more than 60% of their cloud data is encrypted. It's undeniable that organizations need to improve their cloud security.
The cloud threat landscape
The cloud threat landscape is not immune to today's cybersecurity concerns. The number of organizations that experienced a breach in the past grew 4% from 2021 (35%) to now (39%). Even more concerning, nearly half of respondents said they had experienced a data breach in their cloud environment.
Data sovereignty challenges
Cloud data sovereignty is the concept that data stored in the cloud is subject to the laws and regulations of the country or other jurisdiction. While data sovereignty represents an opportunity for organizations to undergo digital transformation, it also brings significant cloud security challenges. More than 80% of respondents said they were "somewhat" or "very" concerned about data sovereignty impacts on their cloud deployments.
Looking Forward
Organizations shifting to cloud computing must move away from complexity and embrace easy-to-manage cloud services and data protection. It is also imperative that they account for the human factor, i.e., human errors and misconfigurations that risk cloud and company security. The cloud is an extension of your infrastructure and must be treated this way if organizations intend to optimize its security and value. As companies use more cloud services and store more sensitive data in the cloud, they will gain operational and financial advantages and thrive in a competitive market.