Cloud 101CircleEventsBlog
Get 50% off the Cloud Infrastructure Security training bundle with code 'unlock50advantage'

Download Publication

State of Financial Services in Cloud
State of Financial Services in Cloud

State of Financial Services in Cloud

Release Date: 06/05/2023

In recent years, the financial services industry has increasingly adopted cloud services. This trend is expected to continue with the further adoption and integration of cloud service provider functions, replacing traditional technology for banking, commerce, financial transactions, and the exchange of financial data. 

Due to this trend, CSA has been conducting surveys to better understand the adoption of cloud computing technology in the finance industry, bringing together a community of contributors from global banks, fintech, payment processors, insurance companies, financial supervisory authorities, data protection authorities, and other national regulatory bodies. Now, with this latest report, we aim to better understand: 
  • Financial institutions’ level of adoption of cloud solutions and requirements compared to prior surveys conducted in 2019-2020. 
  • Current challenges facing the financial services industry. 
  • Opportunities for CSA to create guidance on protecting financial data and related assets within secure cloud services.
Most evident from this report is that cloud services are becoming well-rooted in all aspects of financial services and are expected to be used for a very long time. No longer is the question as to whether cloud will be adopted, but about the execution of how: how to adopt cloud-native security, how to apply Zero Trust methodologies, and how to educate all relevant stakeholders. 

Key Takeaways:
  • 98% of organizations are using some form of cloud computing, up from 91% in 2020.
  • 57% of organizations currently use multiple cloud providers for their IaaS/PaaS needs. 
  • 59% of organizations store or process regulated banking information within cloud services, with only 25% having no future plans to do so.
  • A common pain point is the need for broader awareness of approaches to auditing cloud services by regulators and auditors. 
  • 65% of organizations use CSA’s CCM and CAIQ to demonstrate adherence to frameworks, establish an internal cloud security controls framework, and establish an internal cloud risk management approach.
Download this Resource

Bookmark
Share
View translations
Related resources
Cloud Security for Startups 2024
Cloud Security for Startups 2024
Key Management for Public Cloud Migration
Key Management for Public Cloud Migration
Top Threats to Cloud Computing 2024 - Japanese Translation
Top Threats to Cloud Computing 2024 - Japanese ...
10 Fast Facts About Cybersecurity for Financial Services—And How ASPM Can Help
10 Fast Facts About Cybersecurity for Financial Services—And How AS...
Published: 12/20/2024
How to Demystify Zero Trust for Non-Security Stakeholders
How to Demystify Zero Trust for Non-Security Stakeholders
Published: 12/19/2024
Why Digital Pioneers are Adopting Zero Trust SD-WAN to Drive Modernization
Why Digital Pioneers are Adopting Zero Trust SD-WAN to Drive Modern...
Published: 12/19/2024
Managed Security Service Provider (MSSP): Everything You Need to Know
Managed Security Service Provider (MSSP): Everything You Need to Know
Published: 12/18/2024

Acknowledgements

Vinay Patel
Vinay Patel
Chief Information Security Officer, Zendesk

Vinay Patel

Chief Information Security Officer, Zendesk

As Finastra’s CISO, Vinay is responsible for establishing an intelligence-led, threat-focused information security program capable of detecting and protecting against emerging cyberattacks targeting Finastra and/or its clients.

Read more

Troy Leach
Troy Leach
Chief Strategy Officer (CSO), CSA

Troy Leach

Chief Strategy Officer (CSO), CSA

Troy Leach has spent more than 25 years advocating for the advancement of responsible, safe technology to improve the quality of living and parity for all.

As the Chief Strategy Officer, Mr. Leach supports Cloud Security Alliance's corporate strategy and ongoing mission to provide new and relevant cloud security awareness, education, research, programs and membership participation. Mr. Leach specifically focuses on external engageme...

Read more

Hillary Baron
Hillary Baron
Senior Technical Director - Research, CSA

Hillary Baron

Senior Technical Director - Research, CSA

John Yeoh
John Yeoh
Global Vice President of Research, CSA

John Yeoh

Global Vice President of Research, CSA

With over 15 years of experience in research and technology, John excels at executive-level leadership, relationship management, and strategy development. He is a published author, technologist, and researcher with areas of expertise in cybersecurity, cloud computing, information security, and next generation technology (IoT, Big Data, SecaaS, Quantum). John specializes in risk management, third party assessment, GRC, data protection, incid...

Read more

Daniele Catteddu
Daniele Catteddu
Chief Technology Officer, CSA

Daniele Catteddu

Chief Technology Officer, CSA

Daniele Catteddu is an information security and risk management practitioner, technologies expert and privacy evangelist with over 15 of experience. He worked in several senior roles both in the private and public sector. He is member of various national and international security expert groups and committees on cyber-security and privacy, keynote speaker at several conferences and author of numerous studies and papers on risk management, ...

Read more

Ryan Gifford
Ryan Gifford
Research Analyst, CSA

Ryan Gifford

Research Analyst, CSA

Jez Goldstone
Jez Goldstone
Director of Security Architecture, Cloud & Innovation

Jez Goldstone

Director of Security Architecture, Cloud & Innovation

Jez is a cyber security expert, leader, innovator with over twenty years of IT experience in the Financial Services and other sectors. He has lead innovation initiatives and teams - focusing on where cyber innovations really add value to solve complex business challenges and open up competitive advantage opportunities. I have a keen interest in how Privacy Enhancing Tech, and specifically FHE, can help solve some of these challenges.

Read more

Sean Heide
Sean Heide
Technical Research Director, CSA

Sean Heide

Technical Research Director, CSA

Erik Johnson
Erik Johnson
Cloud Security Specialist & Senior Research Analyst, CSA

Erik Johnson

Cloud Security Specialist & Senior Research Analyst, CSA

Worked for the Federal Reserve for many years and volunteered with the CSA with a focus on CCM/CAIQ V4, specifically the STA domain, and developing a comprehensive framework and guidance for defining and managing the cloud shared security responsibility model (SSRM).

I recently retired from the Federal Reserve and am now consulting with the CSA as a Senior Research Analyst with a focus on Zero Trust and Financial Services.

Linke...

Read more

Alex Kaluza
Alex Kaluza
Research Analyst, CSA

Alex Kaluza

Research Analyst, CSA

Stephen Lumpe
Stephen Lumpe
Senior Graphic Designer, CSA

Stephen Lumpe

Senior Graphic Designer, CSA

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training