According to one global survey of large organizations, increased cloud adoption has not been matched stronger encryption and data protection.

In a global survey of 2,625 IT and IT security professionals in January 2021 on the Internet with organizations worth greater than US$100m (and up to US$250m in selected countries), it was found that 83% of respondents were not encrypting half of the sensitive data they stored in the Cloud despite the rise in cybercriminal attacks.

With 40% of organizations polled having experienced a cloud-based data breach in the last 12 months, the survey by Thales—conducted as an observational study and with no goal to make causal claims, noted:

  • Cloud adoption was on the rise in the polled organizations, and businesses were continuing to diversify the way they used cloud solutions. Globally, 57% of respondents reported they made use of two or more cloud infrastructure providers, whilst 24% indicated that the majority of their workloads and data now resided in the cloud.
  • 21% of respondents hosted the majority of their sensitive data in the cloud, while 40% reported they had had a breach in the last year.
  • 33% of respondents reported multi-factor authentication as being a central part of their cybersecurity strategy.
  • 17% of respondents encrypted more than half of the data they stored in the cloud. For respondent organizations using a multi-cloud approach, this figure dropped to 15%.
  • 34% of respondents left the control of keys to service providers rather than retaining control themselves.
  • 48% of business leaders in the survey admitted their organization did not have a Zero Trust strategy, and 25% were not even considering one.
  • 46% of global respondents claimed managing privacy and data protection in the cloud was more complex than on-premises solutions.
  • Hybrid models were common with many respondents that were not moving entirely to the cloud: 55% had indicated a preference for a ‘lift & shift’ approach to cloud adoption over re-architecting.

According to the firm’s Senior Vice President for Cloud Protection and Licensing activities, Sebastien Cano: “Organizations across the world are struggling to navigate the increased complexity that comes with greater adoption of cloud-based solutions. A robust security strategy is essential to ensuring data and business operations remain secure. With nearly every business reliant on the cloud to some extent, it is vital that security teams have the ability to discover, protect, and maintain control of their data.”