Tenable: Security Expertise Gap Threatening Cloud Expansion

as more organisations adopt cloud services, cybersecurity threats have become a major concern
A Tenable report shows how despite a majority of companies wanting to expand their cloud, many don't believe they have the security to safely do so

As businesses strive to meet the increasing demand in AI, many aim to enhance their cloud presence.

Google recently announced €1bn (US$1.8bn) investment in its Finnish data centre campus, emphasising its commitment to Cloud AI growth in Europe.

The rapid advancement of AI generates a large volume of data that data centres must manage, compounded by modern cybersecurity protocols necessitating data replication for resilience against breaches and corruption.

However, Tenable, an exposure management company, has cautioned in a recent report that these cloud expansion plans may be jeopardised by a skills gap.

Youtube Placeholder

Issues with expansion

Tenable's latest cloud security report, "2024 Cloud Security Outlook: Navigating Barriers and Setting Priorities," reveals that although 97% of IT managers plan to expand their cloud environments in the next year, 45% of those overseeing cloud security cite a significant lack of expertise as a barrier to implementing new cloud security measures.

"In today's digital landscape, organisations are racing to embrace cloud technologies for their myriad benefits, yet our latest findings reveal that a staggering 97% of organisations are currently grappling with insufficient expertise in cloud infrastructure security," said Bernard Montel, EMEA Technical Director and Security Strategist at Tenable, following the report.

The need for expertise

Cloud computing has transformed business operations, offering scalability, cost-effectiveness, and accessibility. However, as more organisations adopt cloud services, cybersecurity threats have become a major concern.

A 2024 report from CrowdStrike indicates that cloud intrusions have increased by 75% over the past year, with attackers penetrating customer environments in as little as two minutes.

Threats to cloud environments include data breaches, where vulnerabilities or misconfigurations expose sensitive information; DDoS attacks, which flood cloud resources with malicious traffic, disrupting services and causing financial losses; and insider threats, where individuals with legitimate access exploit cloud systems.

Addressing these threats necessitates a multi-layered approach, including robust access management, encryption, continuous monitoring, and adherence to cloud security best practices. 

This underscores the need for a growing number of skilled cybersecurity professionals, a resource currently in short supply. 

Lewis West, Head of Cybersecurity at Hamilton Barnes, highlighted how an ageing workforce and the financial challenges small businesses face post-COVID have created a crisis in the cybersecurity sector.

A 2023 report by the professional association for IT services, ISACA, also found that 39% of organisations are seeking to fill entry-level positions that do not require experience, degrees, or credentials to address this shortfall.

Without a dedicated team of cloud security experts, organisations may overlook critical misconfigurations, fail to implement robust access controls, or struggle to monitor their cloud infrastructure effectively.

Even outsourcing elements of security is tentative, as 33% of respondents to the Tenable report believe that one of the biggest risks to their cloud infrastructure now comes from third-party suppliers.

"While the intention to expand cloud systems is evident among IT leaders, the alarming occurrence of breaches and the identified risks, such as third-party providers in supply chains, underscores the urgent need for organisations to prioritise investment in upskilling and resources," Montel states. "Addressing the clear skills gap is paramount in fortifying cloud security measures and mitigating the risks posed by an evolving threat landscape."

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand

Share

Featured Articles

Bridging the Gap: Examining the UK-US Data Bridge

The UK-US Data Bridge was created to replace EU data frameworks and allow the exchange of personal data whilst still adhering to agreed rules

Hiddenlayer CSO Tells Why It Made an AI Security Council

Chief Security & Trust Officer at HiddenLayer Malcolm Harkins explains why the company felt the need to create an AI Security Council and its objectives

Cooperation Key Theme at Microsoft Endpoint Security Summit

The Microsoft Endpoint Security Summit brought together leaders in the cybersecurity industry to discuss strategies for securing endpoints on Windows

Why the UK is Listing Data Centres as Critical Cyber Assets

Cyber Security

Trustwave Reveals the Financial Sector's Cyber Threats

Cyber Security

TCS and Google Cloud Join for Solution to Secure the Cloud

Technology & AI