CSA Official Press Release
Cloud Security Alliance New Survey Finds Financial Firms are in Search of a Cloud Strategy
Hybrid Cloud Adoption is Preferred; Control and Security of Data is Top Concern Seattle, WA –March 5, 2015 - Many financial firms are slowly putting more stock in the cloud. That’s a key finding from a new Cloud Security Alliance (CSA) survey, titled How Cloud is Being Used in the Financial Sector. The survey targeted executives from banking, insurance and investment firms around the world. While the survey found that cloud computing is becoming more and more prevalent throughout the financial sector, many respondents indicated having less than 50 percent of a solidified, concerted cloud strategy with controls and security being a main concern.
"The results of this report are insightful into understanding how the financial services industry is progressing in terms of cloud adoption and how cloud providers can best serve their interests and needs," said Jim Reavis, CEO of the CSA. "We hope that cloud providers and financial institutions can use this as guidance to help accelerate the adoption of secure cloud services in the financial industry." According to the findings, 61 percent of respondents admitted that a cloud strategy was in the formative stages within their organization, with 39 to 47 percent planning to use a mix of in-house IT, private, and public clouds, and 18 percent planning to use private clouds. None of the respondents have plans to be hosted mostly in a public cloud. The results of the survey also showed that the higher the electronic channel transaction base among a firm’s customers, the less strict the cloud policy with only three percent of these types of organizations indicating having a strict cloud policy in place.
"The responses overall showed a very active market for cloud services in the financial services sector," said Dr. Chenxi Wang, Vice President, Cloud Security and Strategy, CipherCloud. "Cloud has made solid in-roads in this industry with many firms looking to harnessing the power of cloud. There’s plenty of room for growth, particularly for providers who can fill the void for the auditing and data protection controls that are at the top of respondents’ cloud wish list."
The How Cloud is Being Used in the Financial Sector report includes responses from more than 100 professionals varying in company size and industries from the Americas, EMEA and APAC regions. Sponsored by CipherCloud, the leader in cloud information protection, the survey was conducted by the CSA Financial Services Working Group, as a first step in building a situation map to show how different cloud solutions are deployed in the financial sector. The objective of this study is to understand the needs to accelerate the adoption of secure cloud services in the financial industry by analyzing the financial industry’s main concerns regarding delivery and management of cloud services.
Financial services firms are also eager to see increased transparency and better auditing controls (80 percent) from their cloud providers, even more so than better data encryption (57 percent). In understanding why companies are moving to the cloud, respondents indicated that flexible infrastructure capacity was at top of their list (68 percent), followed closely by the need for reduced time for provisioning (63 percent). The top services and features being adopted when moving to the cloud include CRM (46 percent), application development (45 percent), and email (41 percent), rather than backend services (20 percent) or virtual desks (14 percent).
Finally, in looking at compliance regulation requirements when moving to the cloud, at the top of the list was data protection (75 percent) corporate governance (68 percent) PCI-DSS (54 percent) and national regulations (47 percent).
The survey also looked to gain insight into how finance, government, insurance, and security decision-makers take action in their organizations, from consolidating and standardizing on the most secure cloud services, to knowing what policies will have the most impact, to understanding where to focus when educating users.To access the full report visit
https://cloudsecurityalliance.org/research/fswg/#_downloadsAs a follow up to the survey, the CSA Financial Services Working Group plans to identify 2015 deliverables to address the concerns and opportunities for cloud computing best practices within the financial services industry. The Financial Services Working Group is led by Juan Francisco Losa, Head of Innovation, Engineering and Software Development It Risk, Fraud & Security at BBVA, and Mario Maawad, Security Manager at CaixaBank. Companies and individuals interested in becoming involved in the working group should contact [email protected].
About the Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.
CipherCloud, the leader in cloud visibility and data protection, delivers cloud adoption while ensuring security, compliance and control. CipherCloud’s open platform provides comprehensive cloud application discovery and risk assessment, data protection – searchable strong encryption, tokenization, data loss prevention, key management and malware detection – and extensive user activity and anomaly monitoring services. CipherCloud has experienced exceptional growth and success with over 3 million of business users, across 11 different industries. The CipherCloud product portfolio protects popular cloud applications out-of-the-box such as Salesforce, Box, Microsoft Office 365, and ServiceNow. CipherCloud, named as SC Magazine’s Best Product of the Year, technology is FIPS 140-2 validated and is backed by premier venture capital firms Transamerica Ventures, Andreessen Horowitz, Delta Partners, and T-Venture, the venture capital arm of Deutsche Telekom. For more information, visit www.ciphercloud.com and follow us on Twitter @ciphercloud.
703 928 9996
Director of Corporate Communications
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.
For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.