47% of UK IT Leaders Say Security Strategies Have Not Been Updated to Account for Their Cloud Environments

A new study conducted by Trend Micro has revealed that while many UK companies have migrated to cloud environments, almost half (47%) have not updated their security strategies and are still reliant on security technologies for on premises environments.

Traditional IT security measures such as firewalls, antivirus software, and intrusion detection systems work well with on premises IT infrastructure, but they are far less effective at protecting cloud environments, and often result in security gaps and performance bottlenecks.

23% of respondents to the survey said they had already partly or fully transitioned into a DevOps model to drive digital transformation, so it is a concern that their security measures have not been adapted to provide adequate protection for their cloud and multi-cloud environments.

“Container, serverless and other emerging technologies require specially designed security capabilities delivered as application program interfaces (APIs) in order to provide appropriate protection without interrupting development pipelines,” said Bharat Mistry, principal security strategist at Trend Micro. The failure to adapt security strategies to protect cloud environments is placing UK firms at a higher risk of experiencing a cyberattack involving their cloud-stored data.

The study, commissioned for CLOUDSEC Online, revealed IT leaders want to have a single security platform that can provide cloud and on-premises security, but there is a lack of integration between the two types of tooling. 43% of respondents said the lack of integration was the biggest barrier to cloud security and 33% of respondents said integration issues were the main cause of day-to-day operational headaches.

55% of respondents wanted third-party security providers to integrate with multiple platform and application vendors, and 54% said they would like a security vendor that is aligned with their cloud and multi-cloud journey.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of NetSec.news