Only half of organisations say all of their cloud providers are ready for the General Data Protection Regulation (GDPR) deadline of 25 May, according to McAfee’s The State of Cloud Security report.
Surveying 1,400 CISOs and IT managers globally, the report revealed challenges and concerns surrounding cloud security.
A previous McAfee survey revealed that 80% of organisations expected help from their service providers with GDPR compliance, however only half can now confidently say their cloud providers have a plan in place.
Therefore, the report concluded that organisations who are more confident in their cloud providers’ GDPR readiness were more likely to spend on cloud services in the coming year.
>See also: GDPR: Compliance to commitment
Just under half said they plan to increase their investment in cloud services, because of GDPR, with 44% expecting their spending to remain the same. Less than 10% said they expect to decrease their cloud services investment in light of GDPR.
“The implementation of the incoming GDPR due to come into force in just over a month’s time, will affect cloud users around the world,” said Nigel Hawthorn, data privacy expert in McAfee’s cloud security business unit.
“Becoming GDPR compliant requires a combination of knowledge, processes, policies, technology and training, as well as detailed understanding of data flows to and from third parties and cloud services. With this in mind, it is concerning that only half of the respondents stated that all of their cloud providers have a plan in place for GDPR compliance.”
The report also investigated obstacles faced by companies implementing cloud services.25% reported a lack of staff to manage security for cloud applications, whereas 24% said they were not experiencing a skills shortage.
40% of those surveyed said they were beginning to slow cloud adoption at their company.
>See also: The winding road to GDPR compliance
The highest ranking concern was data theft, with 56% admitting they had tracked a malware infection back to a cloud application – an increase from 52% last year.
The report found that lack of visibility is one of the most commonly experienced issues. This included problems with users creating cloud workloads outside of an organisation’s IT department, transparency challenges surrounding where data is stored in the cloud and being unable to monitor cloud workloads.
The report stated: “Poor visibility has a bigger impact on navigation than any single control or capability. After all, you cannot steer around what you cannot see.”
“The leading adopters of cloud services understand this axiom and are integrating cloud visibility into their IT operations to accelerate business. Better cloud visibility enables an organisation to adopt transformative cloud applications sooner, respond more quickly to security threats, and reap the cost savings that virtualisation provides.”