Cloud computing is a key concern for executives in risk, audit, finance and compliance, according to the latest survey by Gartner, with a number of new risks such as cybersecurity disclosure and General Data Protection Regulation (GDPR) compliance making cloud solutions susceptible to unexpected security threats.
The quarterly ‘Emerging Risks Report’ identified cloud computing as the top concern for the second consecutive quarter.
Social engineering and GDPR compliance were cited as most likely to cause the greatest enterprise damage if not adequately addressed by risk management leaders, according to Gartner.
“Executives are right to expand cloud services as part of their digital business initiatives, but they need to ensure their cloud security strategy keeps up with this growth,” said Matthew Shinkman, practice leader, Gartner. “Leaders should start by clearly identifying their most at-risk areas, which remain obscure to many large organisation leaders.”
Gartner expects cloud computing to be a US$300 billion business by 2021, as companies increasingly adopt cloud services to release their desired digital business outcomes. But companies continues to struggle with security – despite record spending on information security in the last two years, organisations have lost an estimated US$400 billion to cyber theft and fraud worldwide. To respond to an increasing number of cybersecurity events and data breaches, organisations elevate IT security to the board level.
“Executives should promote risk awareness throughout the organisation,” Shinkman said. “A strong risk culture helps employees make the right decisions and mitigates poor outcomes.”