New research into cloud security management has found that 83% of UK organisations believe threats to cloud systems are outpacing their ability to effectively deploy countermeasures.
This places the UK behind the global average, at 71%. By contrast, only 53% of German enterprises believe the same.
Cyber security company Palo Alto Networks has published its findings about the practices, tools, and technologies that companies around the world use to manage security for cloud-native architecture, interviewing 3,000 professionals in cloud architecture, information security, DevOps, and application development located across the UK, Germany, USA, Singapore, and Australia.
The State of Cloud Native Security report shows that UK organisations today host 42% of their workloads in the cloud and expect this to increase to 65% in the next two years.
A significant majority (93%) of UK businesses admitted to using more than one cloud platform, while one in two (57%) said they use between two and five. The trend was reflected on a global scale, with 94% and 60% of global organisations admitting to the same respectively.
However, the report has found that the growing reliance on cloud infrastructure has not translated into increased confidence in cloud security. In fact, 84% of UK respondents admitted that their organisation struggles to draw a clear line between their own responsibility for cloud security and their cloud service providers responsibility for security.
Low confidence in cloud security, and undefined responsibility for it, coincides with a surge in the number of attacks on cloud accounts, up by 630% between January and April of this year, according to McAfee. A majority of these external attacks were large-scale attempts to access cloud accounts with stolen credentials and usually targeted collaboration services like Microsoft 365.
The research also found that, while overall enterprise use of cloud services increased by 50%, access to the cloud using unmanaged, personal devices doubled, contributing to the risk of company data being stolen.