Intelligent CISO Issue 30 | Page 55

Cloud Security Alliance study finds while CASB demand is high , additional education is needed

Further , more than 30 % of respondents reported having to use multiple CASBs to meet their security needs and just over one-third ( 34 %) find solution complexities an inhibitor in fully realising the potential of CASB solutions . Overall , CASBs perform well for visibility and detecting behaviour anomalies in the cloud but have yet to become practical as a tool for remediation or prevention .
he Cloud Security Alliance

T

( CSA ), an organisation dedicated to defining standards , certifications and best practices to help ensure a secure cloud computing environment , announced the release of its latest survey report , The Evolution of the CASB . The study , which queried more than 200 IT and security professionals from a variety of organisation sizes and locations , examined the expectations , technical implementations and challenges of using cloud security access brokers ( CASB ). The results reveal unrealised gaps between the rate of implementation or operation and the effective use of the capabilities within the enterprise .
“ CASB solutions have been underutilised on all the pillars but
in particular on the compliance , data security and threat protection capabilities within the service ,” said Hillary Baron , Lead Author and Research Analyst , Cloud Security Alliance .
“ It ’ s clear that training and knowledge of how to use the products need to be made a priority if CASBs are to become effective as a service or solution .”
Commissioned by Proofpoint , a leading cybersecurity company and CASB solution provider , the paper found that while nearly 90 % of the organisations surveyed are already using or researching the use of a CASB , half ( 50 %) don ’ t have the staffing to fully utilise cloud security solutions , which could be remediated by working with top CASB vendors .
“ To overcome the gaps uncovered in this Cloud Security Alliance survey , look for a solution that is part of a larger security portfolio and can effectively address the people-centric cloud security concerns on cloud account compromise , cloud data loss prevention and cloud application compliance and visibility ,” said Tim Choi , Vice President of Product Marketing for Proofpoint . “ It ’ s critical that the journey starts with clear goals in mind and prioritised objectives . In addition , identifying CASB solutions that provide a deployment model that can be operationalised in hours , not weeks , leads to faster time to value .”
Additionally , the report found that when it comes to utilising CASBs , of those surveyed :
• 83 % have security in the cloud as a top project for improvement
• 55 % use their CASB to monitor user behaviours , while 53 % use it to gain visibility into unauthorised access
• 38 % of enterprises use their CASB for regulatory compliance while just 22 % use it for internal compliance
• 55 % of total respondents use multi-factor authentication that is provided by their identity provider as opposed to a standalone product in the cloud ( 20 %) u
intelligent CLOUD SECURITY
www . intelligentciso . com | Issue 30
55