That's followed by the second most pressing concern, unauthorized access to, or leakage of, customer data. In addition, respondents said they were worried that big cloud vendors like Amazon and Microsoft may significantly change their offerings without notice, and that could affect security controls and technology requirements.
The good news, says John Pironti, president of IP Architects, is that security professionals have been grappling with the issues poised by the cloud for decades. This is the third time the industry has had to deal with what he calls time slicing, and it goes back to the days when mainframes ruled the IT roost. "It started out with mainframes, and they did it better, but they didn't have the depth and breadth of applications we have today. In this case, we're using software ... where, with mainframes, [security] was designed in the hardware."
However, the problems are pretty much unchanged, he says, with one of the first goals of cyberterrorism being to attack communications. "The same fundamental attack and threat problems are the ones that will still get you. The adversaries are smarter, better, but they will follow the same basic approach ... follow the value."
While the human asset is your greatest asset, it's also your greatest adversary, says Pironti. "Most companies are having problems dealing with that trusted employee. ... It is a much greater threat than the external hacker."