Brought to you by the WHIR

Lack of visibility far outweighs provider-introduced vulnerabilities as a pain point for IT professionals, according to survey results announced by security platform provider CloudPassage on Wednesday.

Data collected for the forthcoming Orchestrating Security in the Cloud report shows the concerns of companies in the cloud are evolving along with their cloud models and management.

Almost half of those surveyed chose deficient incident response as a source of dissatisfaction, citing a lack of visibility, and almost as many (46 percent) selected lack of virtual machine and workload visibility, as opposed to provider-introduced vulnerabilities leading to a breach or incident, which was chosen by only 26 percent.

The non-profit SANS Institute surveyed 485 IT professionals on behalf of CloudPassage, and confirmed the findings of many recent reports about hybrid cloud architectures’ rise to ubiquity. Forty percent of those surveyed currently use a public/private cloud model, with 43 percent more planning to take steps to adopt hybrid in the next year.

It also found that compliance is the top concern for 72 percent of cloud users across all models. Denial-of-service was the top attack vector for 36 percent of those experiencing breaches in the public cloud, while malware was the attack vector for 33 percent in the private cloud.

“Although most organizations have not experienced a breach in the cloud, security teams are concerned about illicit account and data access, maintaining compliance and integrating with on-premise security controls,” said SANS analyst and report author Dave Shackleford. “In addition, visibility into cloud environments remains a challenge as does implementing cloud-focused incident response and pen testing processes.”

While 33 percent say they do not have enough visibility into their public cloud provider’s operations, 40 percent consider unauthorized access to sensitive data from other tenants to be their top concern with public cloud deployments. SingleHop’s recently acquired Server Intellect division launched ServiceFirst managed services in August to join the market for services providing public cloud visibility.

The full survey will be released on CloudPassage’s website, and presented in a webinar, on September 23.

Original post appeared here: Lack of Cloud Visibility Major Pain Point for IT Pros: CloudPassage Survey