Cloud processing impacts capital, staffing and operational budgets for security
As CIOs and CSOs develop budgets for the new year cloud processing impacts overall IT Budget.
Cloud processing impacts capital, staffing and operational budgets for security - The budget creation process is significantly impacted by the movement towards cloud processing and the ever-changing security and disaster recovery compliance requirements. In a recent review of the budgets for the new year Janco found that cloud processing has the greatest impact on IT operating cost in year to year comparisons. Even more than new IT initiatives.
The chart above depicts the results of the "informal" survey that was conducted. Only 126 organizations participated in the survey, but the results proved to be very informative.
The factors that Janco found were:
- Overall Security Infrastructure Increased - (51%) - With the movement towards the cloud security needs to be updated to include all of the new access points to confidential and sensitive information. In addition, business continuity is another area that needs to be "beefed-up".
- New Cloud Security Policies & Controls -(49%) - With cloud access and process new policies and procedures need to be implemented along with the associated controls. These in turn need to be subjects of review by not only internal and external auditors but also by all effected departments such as legal, marketing, sales, and distribution to mention a few.
- Reviewed All Security Infrastructure - (46%) - As the new cloud security infrastructure is updated, many organizations review the existing security infrastructure and make significant updates to what is in place. This raises the cost of the existing processes in addition to requiring new training and implementation efforts.
- Updated Security Scanning Processes - (43%) - Most organizations have processes in place to scan for vulnerabilities and actual breaches. These need to be updated to take into account the new data and access points. Adding to this is the complexity of dealing with third parties where cloud processing often takes place.
- Web Resource Usage Reviewed - (43%) - When web processing takes place it utilizes critical time dependent resources. Also, if this is done on third party resources there are on-going operational cost as well as service level issues that need to be considered.
- Implemented New Cloud Security - (40%) - A number of the organizations, after reviewing the security and business continuity process that were in place for cloud processing found that they were inadequate. Many implemented a completely new cloud security and business continuity.
- Integrated Security into SDM Processes - (40%) It is very costly to implement security into an application after it is created. For this reason many CIOs took the extra step to see that both security and business continuity are considered in the design and implementation processes of new applications.
- Hired New Cloud & Security Pros - (39%) - As companies move into these new areas individuals with the experience in these disciplines have been added. In some cases, CIOs have retained contractors who have the skills and can train existing staff.
- Updated Processes to Meet Compliance Requirements - (34%) - With the ever changing compliance landscape, a complete review of the existing processes is in order and often leads to changes that have to be implemented.