Cloud computing has become a top risk concern for executives in risk, audit, finance and compliance, a survey published by IT research firm Gartner showed, after speaking to 110 senior executives in these sectors.
While cloud computing presents organisations with novel opportunities, a number of new risks — including cybersecurity disclosure and General Data Protection Regulation (GDPR) compliance — make cloud solutions susceptible to unexpected security threats, the company said in a media statement.
“Executives are right to expand cloud services as part of their digital business initiatives but they need to ensure their cloud security strategy keeps up with this growth,” said Matthew Shinkman, practice leader at Gartner, in the statement. “Leaders should start by clearly identifying their most at-risk areas, which remain obscure to many large organisation leaders.”
For the survey, Gartner had spoken to 110 senior executives in these industry sectors
The survey identified social engineering and GDPR compliance as the two leading high-impact risks that can cause the greatest enterprise damage if not adequately addressed by risk management leaders. However, only 18% of cross-functional executives surveyed currently considered social engineering to be a significant enterprise risk.
The survey also found that through 2022, 95% of cloud security failure will be due to the organisation.
By 2021, Gartner, expects cloud computing to become a $300-billion business as adopting the tech will result in significant cost savings and generate new sources of revenue, the company explained.
The report also claims that enterprises are still struggling with security. Despite record spending on information security in the last two years, organisations have lost an estimated $400 billion to cyber theft and fraud globally, it said.
"As cybersecurity events and data breaches increase, it is imperative that organizations elevate IT security to a board-level topic and an essential part of any solid digital business growth strategy. Executives should promote risk awareness throughout the organisation,” Shinkman said.