Cloud Maturity Study Reveals Top 10 Issues Eroding Cloud Confidence
Findings from today’s joint Cloud Security Alliance (CSA) and ISACA study show that government regulations, exit strategies and international data privacy dominate the top 10 areas where confidence in the cloud is lowest.
The Cloud Market Maturity Study provides insight into the maturity of cloud computing and offers details on the adoption of cloud services among all level of professionals, including the C-suite. Respondents were least confident about (ranked from zero to five, from least to most confident):
1. Government regulations keeping pace with the market (1.80)
2. Exit strategies (1.88)
3. International data privacy (1.90)
4. Legal issues (2.15)
5. Contract lock in (2.18)
6. Data ownership and custodian responsibilities (2.18)
7. Longevity of suppliers (2.20)
8. Integration of cloud with internal systems (2.23)
9. Credibility of suppliers (2.30)
10. Testing and assurance (2.30)
“We must provide a clearer definition of what cloud is and how the many innovative and secure services can positively impact today’s businesses,” said J.R. Santos, global research director, CSA. “We need to engage senior management. Cloud can no longer be thought of as a technical issue, but rather a business asset to embrace.”
The survey includes responses from more than 250 participants from nearly 50 countries, representing 15 industry segments.
“It’s interesting that governance issues recur repeatedly in the top 10 concerns. Cloud users recognize the value, but wrestle with questions on data ownership, legal issues, contract lock-in, international data privacy and government regulations,” said Greg Grocholski, CISA, international president, ISACA. “As cloud services evolve, we must work together to provide insights and recommendations so enterprises can succeed.”
Results of the study provide insight on the progression of cloud adoption. For example, business enablers (score 4.08) rather than financial considerations (score 3.5) are the primary factors in making cloud decisions, with the least important factor being the ability to reduce the environmental footprint of the organization (score 2.67).
Respondents feel there is room for improvement regarding innovation in the cloud. Nearly one in four (24 percent) indicate that there is no or limited levels of innovation in the market. Forty-three percent believe there is a moderate level of innovation, while 33 percent report that the level of innovation in terms of products, services and business use is significant.
“Results show that CIOs and IT management understand cloud best and are most involved in driving cloud innovation in their organizations. This limits cloud maturity and innovation since cloud continues to be viewed as a technical solution and not as a business enabler,” said Yves LeRoux, a member of CSA and the ISACA Guidance and Practices Committee. “Cloud can provide business-building innovation, but there needs to be more buy-in among business leaders and C-level executives on value and risk.”
Still, the respondents remain moderately confident that cloud services are meeting service and strategy expectations and that problems are being addressed. Many rated cloud services as providing confidence in strategy and problem resolution (means score 3.47), indicating cautious optimism.
The report is at www.isaca.org/cloud-market-maturity and https://cloudsecurityalliance.org/research/collaborate/#_isaca. ISACA and CSA will discuss results in an 11 October webinar. Register at http://www.isaca.org/webinars.
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.
With 100,000 constituents in 180 countries, ISACA (www.isaca.org) is a global provider of knowledge, certifications, and education on information systems. Founded in 1969, the nonprofit, independent ISACA developed COBIT; hosts international conferences; publishes the ISACA Journal; develops international IS auditing and control standards; and offers the CISA, CISM, CGEIT and CRISC designations. Follow ISACA on Twitter at @ISACANews.