Netwrix survey: 98% of educational institutions are not hiring dedicated staff to improve cloud security
September 2019 by Netwrix
Netwrix released an infographic based on the findings of its global 2019 Netwrix Cloud Data Security Report for the education sector. The infographic provides an industry perspective on the data that educational institutions store in the cloud, the state of their data security and their plans for further cloud technology adoption. The 2019 Netwrix Cloud Data Security Report revealed that 53% of educational organisations are ready to start deploying a “cloud-first” strategy for all new services and technologies, up from 40% last year. However, every third organisation in this sector experienced a cloud breach in the previous year. One critical factor is that IT teams at 70% of educational organisations don’t receive sufficient budget for cloud security: Only 12% of them saw their security budgets increased in 2019, and 98% say their management is not choosing to hire dedicated IT security staff to support cloud security.
Other findings revealed by the research and shown in the infographic include the following:
• 71% of organisations that were breached in the previous year never classified all the data they store in the cloud.
• 65% of organisations say business users were responsible for the incidents.
• IT teams plan to strengthen data security in the cloud by enforcing stricter security policies (41%) and training employees (39%). They are likely choosing these less costly measures due to lack of financial support from management.
• Only 19% of educational institutions are ready to move their entire infrastructure to the cloud, down from 32% in 2018.
“Cloud technologies help educational institutions manage vast amounts of data cost efficiently. However, these organisations cannot rely solely on their cloud providers for cybersecurity. To keep sensitive data like student information secure, security pros must: 1) help their business colleagues understand that while security might be expensive, being unsecure is even more so; 2) work with management to learn how to use their limited budgets more efficiently to keep find and secure sensitive data,” said Steve Dickson, CEO of Netwrix.
“While the top-tier cloud providers do an excellent job of securing the services they provide, they do not secure the applications or data that you host there. You are responsible for making sure that the data you put on IaaS is locked down appropriately. It’s not the provider’s fault if you leave your data unprotected. Identifying responsibilities is critical to secure use of the cloud,” — Gartner, “The Cloud Strategy Cookbook, 2019,” by David Smith, April 2, 2019.