Organisations rushing to launch new cloud services are frequently skimping on cybersecurity investment, resulting in significant risks, especially with regard to identity and access management (IAM), according to new research conducted by consulting, technology and outsourcing leader, Capgemini and RSA, the security division of EMC.
Only 26 per cent of C-level executives surveyed said their organisations have the requisite technology in place, although 62 per cent believe that it is very important or critical for their organisations to enable or extend access for users to digital services securely, according to ‘Identity Crisis: How to Balance Digital Transformation and User Security’.
The survey, completed by more than 800 C-level executives in the US, UK, Germany, France, Benelux, Denmark, Sweden, Norway and Finland, found that 85 per cent of respondents believe that it is critical or very critical to onboard the growing number of new services underpinned by cloud technology quickly and efficiently and to ensure that they are supported by IAM.
“As organisations extend to the cloud they must ensure they have solutions in place that address the risk and threats associated with assuring user identities,” said Jim Ducharme, vice president, identity products, RSA. “These solutions must understand who is accessing what, manage that access effectively and control access across the various cloud services.”
The survey found that 84 per cent of respondents recognised the need to offer adaptive authentication methods and IDs and organisations are now beginning to increase investment in IAM, with 68 per cent of businesses reporting an increase in their IAM budgets and 28 per cent reporting a strong increase.
“It is clear that the days of logging into a company’s system with a username and password specific to that organisation are numbered,” said Mike Turner, global cybersecurity COO, Capgemini Group. “Users aspire to log in from anywhere in a variety of ways, including with social media profiles and existing email account.”
The survey found that many companies view the use of existing social identities for visitors to log in as the ultimate goal – as long as it can be achieved securely. Almost 90 per cent of organisations from the US and Europe reported preferring or mandating IAM data centres be located within their country or region.