New Delhi, October 24 (IANS) About 72 per cent of security decision makers in large enterprises in India wrongly believe that security provided by Cloud providers is sufficient to protect them from threats, a new report from global cybersecurity firm Palo Alto Networks said on Thursday.
Large enterprises, defined as those with more than 200 employees are not prepared for Cloud-related cybersecurity threats, and more importantly, make the assumption that public Clouds are by default secure, said the report titled "The Asia-Pacific Cloud Security Study".
"Organisations need to recognise that Cloud security is a shared responsibility," said Anil Bhasin, Regional Vice President, India and Saarc at Palo Alto Networks.
"While Cloud providers are responsible for the security of their infrastructure, the onus is on companies themselves to secure their data and applications stored in that infrastructure."
Among the companies surveyed in India, nearly half of them operate with more than 10 security tools within their infrastructure to secure their Cloud.
However, having numerous security tools creates a fragmented security posture, adding further complexity to managing security in the Cloud, especially if the companies are operating in a multi-Cloud environment.
The study revealed that large enterprises do not have enough time and resources to dedicate to Cloud security audits and training.
Over 60 per cent of Indian organisations have either never conducted a security audit or do not do it on a yearly basis, said the study.
Furthermore, 19 per cent of these audits do not even include cloud assets and 57 per cent of organisations conduct internal audits only.
The survey was conducted amongst 500 respondents from various vertical industries of large businesses with over 200 employees across five countries in Asia-Pacific.
There were 100 respondents per country in Australia, China, Hong Kong, India and Singapore.