Skip to content
Saturday 18 July 2026EN · DE
City PM

European business, markets and politics

  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
  • DE
Sponsored Ad Feature is produced by an advertiser with the specific intent to promote a product and is not produced by the City PM team.
Friday 24 March 2023 10:26 am  |  Updated:  Friday 24 March 2023 10:40 am

Cloud migration: mitigating misconceptions and genuine security risk

By: Simon Walsh - Senior Sales Engineer at Trend Micro

Add as a preferred source on Google
Activeops has reported another year of profitability.
Activeops has reported another year of profitability.

Sometimes it seems like the whole world is migrating their critical data and applications to the cloud. The latest Gartner forecast estimates spending globally on public cloud services will hit $592bn by the end of 2023 – a near 21% year-on-year rise. Yet security is a persistent concern. that it is a barrier to migration for 45% of global organisations.

Some of these concerns are born out of misunderstandings about what cloud migration entails, and how security solutions can help. Others can be addressed by investing in the right kind of platform-based approach and baking security into projects from the very start.

Sharing responsibility for security

Our survey finds that 88% of organisations accelerated their cloud migration during the pandemic. That’s an understandable reaction to a unique set of circumstances which forced businesses to become more agile in supporting their workforce and reaching customers digitally. However, the pandemic surge in migration is unlikely to have slowed since, as organisations look to carve out competitive advantage and mitigate the worst impacts of a looming downturn. 

In this context, it’s of some concern that many still don’t fully understand the concept of shared responsibility – whereby cloud providers take care of security of their infrastructure but customers must protect data, apps and other assets. Although nearly all (92%) respondents said they’re confident they understand their cloud security responsibility, even more (97%) claim their cloud service provider (CSP) offers sufficient data protection – which is not usually the CSP’s job.

The boundary lines for responsibility may be particularly difficult for organisations to define when they are running a mix of IaaS, PaaS and SaaS environments. 

Legitimate concerns

The bottom line is that cloud migration can increase the corporate attack surface significantly. Just think of all those new containers, virtual machines and serverless assets. Managing these often ephemeral, highly dynamic assets alongside traditional on-premises environments can be extremely challenging, as they demand a different type of approach. It’s perhaps not surprising that nearly three-quarters (73%) of global organisations are concerned about their growing attack surface.

Organisations must also understand that CSPs can’t be independently audited. You have to take them at their word on security to a great extent – which makes due diligence processes more important, and trusted industry names a safer bet. Visibility and control can also be a challenge for security teams operating in the cloud without the right tools.  

Security by design

However, there are things that can be done from the start to mitigate cyber risk when migrating data to the cloud. First, follow security by design principles. That means getting the IT leader or CISO sitting in on digital transformation projects from the very start. Some organisations leave them out, believing the function will only slow things down. In fact, good security will help you go faster but safer, like seatbelts on a car. 

Next, it’s time to consider what security tools to invest in. Point solutions are a major challenge for security teams. They can create data silos that lead to coverage gaps, cost extra money in unnecessary licences, and stretch IT teams to the limit from an administrative perspective.

By consolidating on a single platform for protection, detection and response across cloud and on-premises, organisations can instead gain full insight into and then manage risk across their entire attack surface holistically. It saves money on licences and optimises limited IT resources.

Of those organisations we surveyed, only 55% said they use third-party tools to secure their cloud environments. This needs to change. The first rule of cloud security is the CSP will not handle everything themselves. 

Read more

Reply Achieves the AWS Business Value Realization Competency

Share this article

  • Facebook
  • X
  • LinkedIn
  • WhatsApp
  • Email

Similarly tagged content:

Sections

  • Markets & Economics

Categories

  • Banking
  • Business

Trending Articles

  • Revealed: KPMG and Deloitte offer bumper redundancy packages to slash headcount

  • Motsepe backed to succeed Fifa’s Infantino by South African minister

  • Brewdog owner shrugs off James Watt takeover bid

  • Finsbury lines up Games Workshop splurge using merger windfall

  • Citroën 2CV returns as a £13,000 electric car, and the timing is no accident

More from City PM

  • Reply Achieves the AWS Business Value Realization Competency

    Business Wire
  • Endava Partners with Wiz to Deliver Integrated Cloud Security for Enterprise AI Adoption

    Business Wire
  • Orca Security Report: 99.9% of Fixable AI Vulnerabilities Remain Unpatched as AI Moves Into Production

    Business Wire
  • Blue Cloud Ventures Announces Final Close of Blue Cloud Ventures V

    Business Wire
  • Cloudflare Launches Design Partner Designation to Accelerate Secure AI and Seamless SASE Adoption

    Business Wire
  • Vultr and SUSE Launch Validated Full-Stack NVIDIA Enterprise AI Platform to Accelerate Production Deployments

    Business Wire
  • Cloudflare Introduces Precursor; One-Click Behavioral Defense Against Modern Bots

    Business Wire
  • Gambit Cyber Launches Vizier AI – An Autonomous Security Intelligence Workspace for Continuous Exposure Management

    Business Wire

City PM — European politics, business and analysis.

Europe

  • Germany
  • France
  • Europe
  • UK & Ireland

Topics

  • Business
  • Markets
  • AI
  • Technology
  • Opinion
  • Energy

More

  • Politics
  • Economics
  • Fintech
  • Legal
  • Sport
  • Life

Company

  • About City PM
  • Editorial Policy
  • Corrections
  • Contact
  • Terms of Use
  • Privacy Policy
  • Cookie Policy
© 2026 City PM · Published by CityPM Media, Bahnhofstrasse 65, 8001 Zürich, Switzerland
About · Editorial Policy · Corrections · Contact · Privacy · Facebook