Friday, December 13, 2019
Corporate Compliance Insights
  • Home
    • Home
  • About
    • About CCI
    • Writing for CCI
    • Advertise With Us
  • Articles
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Industry News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
    • Home
  • About
    • About CCI
    • Writing for CCI
    • Advertise With Us
  • Articles
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Industry News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home News

Major Disconnect Between Beliefs and Actions When it Comes to Cloud Security and IoT

by Corporate Compliance Insights
March 29, 2017
in News
Major Disconnect Between Beliefs and Actions When it Comes to Cloud Security and IoT

AlienVault survey of nearly 1,000 RSA attendees exposes widespread inconsistencies

San Mateo, Calif. (March 29, 2017) — AlienVault RSA survey finds that one third of respondents describe the state of security monitoring within their organization as “complex and chaotic.”

  • 39 percent of respondents use more than 10 different cloud services within their organization, and an additional 21 percent don’t know how many cloud applications are being used.
  • Lack of visibility into the cloud is a significant concern for 42 percent, yet 47 percent would rather monitor a cloud environment than an on-premises one.
  • 62 percent indicate they are worried about IoT devices in their environment, yet 45 percent believe IoT benefits outweigh the risks.

AlienVault®, the leading provider of Unified Security Management™ (USM™) and crowdsourced threat intelligence, today released the results of a survey showing that cloud security remains a thorn in the side of security professionals, with many still struggling to monitor this environment effectively.

Conducted at RSA 2017, 974 conference participants weighed in on cloud security and IoT monitoring to provide an inside look at the challenges and concerns plaguing companies today, along with the opportunities and benefits associated with each technology.

 

Perhaps the most startling survey statistic is that one-third of show attendees described the state of security monitoring within their organization as “complex and chaotic.” Likely a significant factor in this outcome, survey results reveal a major disconnect between respondents’ beliefs and their actions when it comes to cloud security and IoT. For example:

  • 42 percent of respondents are less confident in their ability to detect threats in the cloud versus on-premises, yet 47 percent would rather monitor a cloud environment than an on-premises network.
  • 62 percent state that they are worried about IoT devices in their environment, yet 45 percent believe IoT benefits outweigh the risks. Frighteningly, 43 percent of respondents say their company does not monitor IoT network traffic at all, and an additional 20 percent aren’t even sure of the answer.

“The driving force behind cloud and IoT is the availability and analysis of information, but they must be managed and monitored in the right way. If data is misused, or inadequately protected, the consequences can be severe,” said Javvad Malik, security advocate at AlienVault. “According to the survey findings, many companies are using these impacting technologies to reap the technological and business benefits they provide, but they are doing so without proper monitoring — leaving their company at greater risk of attack.”

When it comes to monitoring security threats in the cloud, an alarming number of respondents reported being left in the dark when decisions are made. According to the survey, 39 percent of respondents are using more than 10 different cloud services within their organization, and 21 percent don’t know how many cloud applications are being used. In addition, 40 percent state that their IT team is not always consulted before a cloud platform is deployed, meaning that they are unable to offer guidance and advice, or do due diligence on a platform or service.

The survey also asked participants what concerned them most about cloud security. While malware was rated as the highest concern, with 47 percent of respondents worrying about it, some of the other responses shed light on why so many security professionals view their environments as complex and chaotic. 42 percent of respondents are concerned about a lack of visibility in the cloud, and 21 percent are worried about the cloud-based services they use producing “too many logs.” This finding also points to the problems associated with auditing cloud environments in the event of an incident.

“Most organizations are drowning in ineffective preventative measures and draining resources with investments in expensive, disjointed solutions. This unfortunate combination is likely a tremendous factor in producing the chaos, complexity and confusion experienced by so many companies,” continued Malik. “It’s time for organizations to focus on what they do have control over — threat detection and incident response — and implement a unified solution that can monitor on-premises, cloud and hybrid environments. Simplifying security in this way enables companies to immediately identify and respond to threats, and in today’s cybersecurity landscape, this is the best strategy to mitigate risk.”

Additional Resources

  • Read the RSA Survey Report here
  • Learn more about AlienVault
  • Learn more about USM Anywhere, USM Appliance and OTX
  • Subscribe to AlienVault’s blogs
  • Follow AlienVault on Twitter, LinkedIn and Facebook

About AlienVault

AlienVault has simplified the way organizations detect and respond to today’s ever evolving threat landscape. Our unique and award-winning approach, trusted by thousands of customers, combines the essential security controls of our all-in-one platform, AlienVault Unified Security Management, with the power of AlienVault’s Open Threat Exchange, the world’s largest crowd-sourced threat intelligence community, making effective and affordable threat detection attainable for resource-constrained IT teams. AlienVault is a privately held company headquartered in Silicon Valley and backed by Trident Capital, Kleiner Perkins Caufield & Byers, Institutional Venture Partners, GGV Capital, Intel Capital, Jackson Square Ventures, Adara Venture Partners, Top Tier Capital and Correlation Ventures.

AlienVault, Open Threat Exchange, OTX, Unified Security Management, AlienApp, AlienApps, USM Appliance, and USM Anywhere are trademarks of AlienVault and/or its affiliates. Other names may be trademarks of their respective owners.


Previous Post

Improving Compliance Training

Next Post

Ethics and Respect in the Face of Populism

Corporate Compliance Insights

Related Posts

ericsson logo on building exterior

Ericsson Agrees to Pay Over $1 Billion to Resolve FCPA Case

December 6, 2019
black and white image of businessman paying bribe

Former CEO of Brazilian Petrochemical Company Charged for FCPA Violation

November 20, 2019
laptop screen featuring Office 365 migration in progress

Moving Communications to the Cloud? Consider Compliance Before Migrating

November 5, 2019
man using risk management software on tablet

NAVEX Global Announces Upgrade to Lockpath Risk Management Platform

October 28, 2019
Next Post
diverse team

Ethics and Respect in the Face of Populism

Free Downloads

OFAC whitepaper cover
Compliance Job Interview Q&A
Reputation Risk Management Research

RSS SEC Litigation News

  • John Special, Defendant, and Michael Murphy, Relief Defendant, John Kenneth Davidson December 12, 2019
    SEC Obtains $3 Million Settlement in Insider Trading Action
  • Palm Beach Atlantic Financial Group, LLC and William A. Smith December 11, 2019
    SEC Charges Florida Resident and His Corporate Entity for Fraudulent Securities Offerings
  • Nanotech Engineering, Inc., Michael James Sweaney (also known as Michael Hatton), David Sweaney, and Jeffery Gange December 11, 2019
    SEC Obtains Asset Freeze to Halt Alleged Offering Fraud

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks Big Data blockchain board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management corporate culture corporate governance culture of ethics cyber risk data analytics data breach data governance decision-making Dodd-Frank DOJ due diligence fcpa enforcement actions GDPR GRC HIPAA information security internal audit internet of things (IoT) KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • Audit
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • HR Compliance
  • Leadership and Career
  • News
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights