Data security keeping IT experts up at night

Over 90% of IT professionals do not trust that their organisation is well prepared to secure public cloud services.

As businesses across the UAE speed up their digitalisation drive and make the transition to online, as a result of the Covid-19 pandemic, IT departments have expressed their concerns about data security and the threat of cyberattacks.
Speaking to Khaleej Times, Dragan Petkovic, Security and Systems Management at Oracle EMEA region, said that the world is experiencing an unprecedented crisis that is disrupting supply chains and upending economies.
"The new reality is accelerating transformation at a never before seen pace," he said. "Working from home is the new normal, and its effectiveness has clearly been proven. There is little doubt that this trend is likely to continue. Major analysts share consensus that between 5-20 per cent of the office-based positions will continue to work remotely at 74 per cent of the organisations."
The public cloud, he said, is an obvious choice for flexible workforce enablement, and digitalization in general, and should be the first choice. Public clouds are home to some of the world's most critical information and applications from citizen and health data, to military intelligence, payroll processing, and everything in between. The public cloud has proven a worthy alternative to private data centers by offering high resilience to threats and rapid security incident recovery. Still, not all public cloud providers are the same with respect to expertise or built-in security.
"We have witnessed a massive collection of sensitive personal data," said Petkovic. "Assuming processing has means and purpose, it is crucial to secure this data. The first recommendation is consolidation; it is much safer to store data regardless of the type in one place. It is easier to apply database security controls, which is the second recommendation. The encryption of data is a bare minimum. Sensitive personal data should be pseudonymized where possible, particularly when used for statistical analysis. Data access should be restricted, and access should be comprehensively audited."
According to the third-annual Oracle and KPMG Cloud Threat Report 2020, IT professionals are three times more concerned about the security of company financials and intellectual property than their home security. In addition, 75 per cent of IT professionals view the public cloud as more secure than their own data centers, yet 92 per cent do not trust that their organisation is well prepared to secure public cloud services. Nearly 80 per cent of IT professionals say that recent data breaches experienced by other businesses have increased their organization's focus on securing data moving forward.
"In response to the current challenging environment, companies have accelerated the movement of workloads, and associated sensitive data, to the cloud to support a new way of working, and to help optimise cost models. This is exposing existing vulnerabilities and creating new risks," said Tony Buffomante, Global co-leader of KPMG's Cyber Security Services. "To be able to manage that increased threat level in this new reality, it is essential that chief information security officers build security into the design of cloud migration and implementation strategies, staying in regular communication with the business."
rohma@khaleejtimes.com