Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

3 Reasons to Add Cloud Data Security to 2023 Cybersecurity Budgets

Published 10/27/2022

3 Reasons to Add Cloud Data Security to 2023 Cybersecurity Budgets

Originally published by Laminar here.

Written by Andy Smith, Laminar.

Why Cloud Data Is So Important

Cloud data is growing at an exponential rate, and attackers have taken notice. Data breaches in 2021 increased by 68% over the year prior. As cloud data continues to grow, so too will the risk of a data breach. If that’s not reason enough to include cloud data security in your 2023 cybersecurity budget, we have three others you may want to consider.

First, let’s establish what we mean by cloud data security. The cloud environment is unique and requires cloud-native, data-centric security that enables organizations to continuously protect their data. A cloud data security solution enables organizations to continuously protect their data by following it as it proliferates in the hands of developers and data scientists who need to copy and move large volumes of sensitive data in the cloud to support innovation.

Given that this data-centric approach to cloud security is still new, we are willing to bet that you haven’t yet factored it into next year’s security budget. Here are three reasons why you should. We also created an eBook that provides additional detail on each and how you can decouple cloud data growth from cloud data risk.

1. Cloud data security is different from data security.

Developers no longer ask for permission when they want to create new data storage assets in the cloud; they just do it, at the click of a button. Security teams lack visibility and the opportunity to ask important questions, implement and enforce data security policies that can protect the data before that data is copied, moved or created. Unfortunately, security controls do not travel with the data, they must be implemented each time. Compounding this challenge is the technology sprawl presented by the cloud. Unlike on-premises data security where there are limited ways that data can be stored and shared, in the cloud developers have the freedom to choose between multiple cloud providers who each have a multitude of services. This can result in a vast cloud infrastructure consisting of myriad different technologies with data here, there, and everywhere.

2. Tedious manual efforts don’t work in the cloud

Let’s face it: a manual approach to security doesn’t work when developers and data scientists can spin up new services at the push of a button. Security breaks down. Compliance suffers. Five main issues drive the need for automation:

  1. Manual efforts can’t keep up with the agility of today’s digitally transformed businesses.
  2. Security is blind to “shadow data”, the hidden sensitive files that occur when data is copied, backed up, or housed in a data store that is neither governed under the same security structure nor kept up to date.
  3. There is no way to validate or enforce data security policies.
  4. Security is unable to identify the company’s “crown jewels,” their most sensitive and important data, and put proper monitoring in place.
  5. There is no way to easily understand exposure at the data element layer and how to limit access.

3. What you’re doing now is not working

While cloud security spend has increased (estimates tell us that the market is growing at a rate of 25.1% year over year, from $10.98 billion in 2021 to 13.73 billion in 2022), so too has the number of cloud data breaches. As has the cost of a breach. The average cost of a data breach in 2022 is $4.35 million, up 12.7% from 2020, and the 2021 Data Breach Investigations Report from Verizon found that 90% of data breaches target the public cloud.

If current security tools kept your data secure, wouldn’t the number of data breaches decrease over time? Albert Einstein is credited with saying, “Insanity is doing the same thing over and over and expecting different results.” So if your current solutions aren’t working, isn’t it time to consider adding a purpose-built layer of security for protecting your data in the cloud?

Share this content on your favorite social network today!