Is the Financial Industry Abandoning Cloud?
Securing data in the cloud and making certain to comply with ever-evolving regulations come as no easy tasks for the financial industry, as recent findings from IT security software vendor Netwrix make clear.
Yet the information contained in the company’s fourth annual Cloud Data Security Report points to prime opportunities for the channel to help the finance vertical better understand and take advantage of the cloud.
Take, for example, this series of discoveries Netwrix uncovered:
- Just more than a quarter – 27% – of IT teams in the financial sector moved data to the cloud for no specific reason, and none received financial support from management for those cloud initiatives.
- One in three organizations that did not receive additional cloud security budget in 2019 experienced a data breach.
- More than half – 56% – of financial organizations that had at least one security incident in the cloud last year couldn’t determine who was at fault.
- Almost a third – 31% – of financial organizations would consider moving data back on premises due to concerns about security, reliability and performance, and high costs.
- Financial industry interest in broader cloud adoption has faded since 2018. The number of organizations ready to adopt a cloud-first approach dropped by 16% and the number eager to move their entire infrastructure to the cloud fell by 12%.
Of the financial firms that suffered a breach, the reasons why will give channel partners talking points for helping existing clients or potential customers. When asked who posed the biggest risk to cloud data security, 58% of respondents cited insiders. Business users ranked 31%, IT staff 16% and contractors 11%. Each of these parties had legitimate access to the business and, yet, presented the greatest liability, according to Netwrix’s findings. Report authors agreed.
“It was surprising that internal IT staff ranked third, at 16%, since these employees are often responsible for the cloud server misconfigurations in the news and their high-level privileges put the company at risk from both malicious and accidental actions,” analysts wrote.
Hackers did come in at 22% and cloud providers themselves at 11%.
Indeed, ensuring cloud data security is only going to get more difficult. Threats and bad actors grow more sophisticated by the day, even as global government requirements become more stringent. Channel partners are critical to helping organizations stay abreast of the constant changes.
“To ensure investments in cloud technologies deliver maximum value and to keep data secure, financial organizations should align their IT initiatives with business goals,” Steve Dickson, CEO of Netwrix, said. “This can be achieved when management and IT staff build strong communication with one another, so the IT team receives the support required to establish an effective cloud security strategy.”
Channel partners helping clients steer their cloud data security initiatives would do well to take the lead on these discussions, and provide the guidance internal IT teams require to maximize cloud capabilities while safeguarding information. For small and midsize customers, the call to action is even more urgent, as a recent Techaisle report underscores.
These end users, who also can operate in the financial industry, often lack the budget of their larger counterparts. As such, they have a harder time securing their cloud data. Techaisle found that more than half (52%) of small businesses and 62% of midmarket companies in Europe suffered one or more security incidents in the last year.
Not surprisingly, the Netwrix report ascertained that much of the reason for data security issues ties to budget. More than half of respondents – 55% – told the vendor their cloud security budgets did not increase in 2019.
“Most IT organizations will have to figure out how to operate within their limited budgets by optimizing and prioritizing their cloud security efforts,” authors wrote. “Options include investing in solutions that encrypt data or provide visibility into activity around sensitive data, while conducting security training on their own.”
Once again, channel partners can prove vital in spearheading such activity.
Netwrix surveyed 749 participants from organizations of all sizes around the world.