Survey: Even as More Firms Migrate Security Tools to the Cloud, Concerns Remain

Even as more companies migrate security tools to the cloud, a survey from SIEM provider Exabeam reveals concerns remain. Respondents admitted to concerns over data privacy, unauthorized access, server outages, and integration as critical concerns.

Tags: access, cloud, data privacy, Exabeam, security, SIEM, survey,

The adoption of cloud-first apps can often mean IT and compliance teams need to follow with a cloud-based security approach. 


But for many IT executives, some lingering concerns remain. 


An eye-popping survey released by SIEM provider Exabeam showed a mixed picture when it comes to firms migrating security tools to the cloud. 


In specific, even as cloud-first companies also embark on migrating their security tools to the cloud, Exabeam’s survey reveals some concerns remain. Respondents admitted that topics such as data privacy, unauthorized access, server outages, and integration linger as critical concerns. 


Here are the survey’s stats on respondents’ concerns over cloud-based security in descending order of mentions: 

Data privacy (30 percent)  
Unauthorized access (16 percent), 
Server outages (14 percent), 
Integration with other security tools (14 percent), and 
Data sovereignty (13 percent) 

“While the results of this survey show that some security professionals still have concerns, having visibility into cloud services is vital, and many organizations are now taking a cloud-first approach to security,” said Sam Humphries, a security strategist, Exabeam in a statement. 


“As organizations modernize their security operations, SaaS solutions are increasingly becoming the deployment model of choice,” he added. 


In fact, the survey also revealed evidence that cloud-based security solutions are gaining traction among cloud adopters.   


In specific, the survey found among firms who have started a cloud migration, one-third (33 percent) said that more than half of their security tools are also cloud-based. More than half of respondents (58 percent) said their firms had migrated at least one-quarter of their security tools to the cloud.


Cloud-Based Security Tools Moving Up Maturity Curve, Easing Concerns

From this finding, Humphries suggests that cloud-based security tools will continue to gain traction, noting that the sector is in the heart of the technology maturity curve, which will continue assuage concerns. 


“We can expect more organizations to migrate their security tools to the cloud this year,” Humphries continued, “as security professionals increasingly see the benefits of hosted cloud offerings... and provide the full functionality of traditional on-premise solutions.” 


Humphries added that once cloud-based security tools prove their reliability and utility, they often offer several cost-benefits. Organizations migrate security tools to the cloud to minimize resources and overhead associated with on-prem solutions, he said.  


The survey results also support this. In particular, users noted several benefits of using cloud-based security tools over on-premise options: 

Improvements in monitoring and tracking of attacks (29 percent) 
Reduced maintenance (22 percent) 
CAPEX reductions (18 percent), 
Faster time to value (17 percent), and 
Access to the latest features (13 percent) are drivers for cloud adoption

One last revealing finding: It appears enterprise IT teams committed to moving apps and data to the cloud would also prefer to use cloud-based security as well – so long as their concerns were addressed.   


Almost one-third (32 percent) of respondents said they consider it to be “too difficult” or “too risky” to migrate security tools to the cloud. That said, nearly one-half (46 percent) said their preference is to migrate legacy products to the cloud -- rather than replace legacy on-premise products with new cloud-native security tools. 


Profile of Exabeam Survey Respondents

It’s helpful here to know a bit more about the persona of the survey respondents. 


Organizations are protecting a variety of data types with cloud-based security tools. These include: 

employee email (22 percent), 
customer information (21 percent), 
file-sharing (20 percent), 
personnel files (18 percent) and 
corporate financial information (12%) 

The respondents also had a wide range of experience with cloud migration and usage.   The lion’s share of projects began in 2018 or before, with just over half of respondents (52 percent) noting their firm began migrating to cloud-based security products during this time. 


For projects begun in 2019, the survey found the following breakdown:

About one-fifth (18 percent) of respondents 
A tiny 3 percent said they started in 2020.
About 3 percent have not yet started
The remainder (approx. 14 percent) conceded they had not moved to cloud-based security tools.
They further admitted they aren’t in any hurry, and don’t know when they’ll migrate. 

The Exabeam survey is based on responses from 130 security practitioners attending the Cloud and Security Expo in London between March 11-12, 2020.