The report is based on the feedback of 749 organisations of various sizes located around the world. Respondents shared their experience in storing data in the cloud, their top concerns about securing that data and their plans for storing sensitive data in the cloud in the future.
The report reveals the following key findings for the UK:
· While nearly half (49%) of organisations store personally identifiable information (PII) in the cloud, 43% of organisations would never store payment or financial data there. The most common drivers for moving PII to the cloud were to cut costs (50%) and to make the data available for remote workers (41%)
· 25% of organisations that store customer data in the cloud had at least one security incident during the preceding 12 months. However, among organisations that store customer PII in the cloud but did not classify all their data, 68% experienced a security incident
· 75% of organisations were not able to determine the threat actor behind a security incident
· 85% of breached organisations said that their cloud security budget did not increase in 2019, and 67% of them stated that their executive leadership teams don’t support their cloud security initiatives
· 55% of the organisations are not going to do anything to strengthen their data security in the cloud, and half of those that are taking action will limit themselves to improving employee training
“The survey revealed that, despite the GDPR, organisations still have very little visibility into what customer data they have and who has access to it. Lack of executive support hampers implementation of a security strategy, leaving organisations vulnerable to security threats. Data discovery and classification will help organisations focus their security efforts on truly important data and choose appropriate controls within their limited IT budgets,” said Matt Middleton-Leal, EMEA and APAC General Manager at Netwrix.