Register Now for Great Online Training Offer: Get a 12.9" iPad Pro, Surface Pro or $350 Off


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

Orchestrating Cloud Security

Keep Security Close to Data, Improvement Needed in Visibility

  • Bethesda, MD
  • September 16, 2015

Organizations need to keep security close to their data as it traverses cloud systems by controlling permissions and access to the data as well as encrypting it, according to a recent cloud security survey to be released by SANS Institute on September 23, 2015.

Forty percent of survey respondents said their organizations process or store data in the cloud, but in public cloud implementations, 27% reported having little or no support for response if cloud-based data were breached, corrupted or destroyed. Still, reliance on cloud services continues to increase. According to the survey, 80% of respondents either have or plan to have a software-as-a-service implementation within the next 12 months.

"Moving collaboration tools, email tools, managed services, and backup and recovery to the cloud solves some problems for organizations, but with that increased cloud functionality comes increased security risk," says SANS analyst and survey author Dave Shackleford. "With that migration, it is no longer an option, organizations have to secure their data in transit, at rest and in use."

Organizations that use cloud services also need better visibility into cloud providers' operations, an ability 58% said they lack, in order to keep up with the growing number of attacks focused specifically on cloud services and data. Security-as-a-service offerings may make some inroads in to providing better visibility. However, according to Shackleford, "Organizations need integrated monitoring capabilities across their hybrid environments and partnerships with public cloud providers for full-spectrum visibility and response."

Full results of the survey will be shared during a Wednesday, September 23, 2015, webcast at 1 PM EDT, sponsored by CloudPassage,, HP, and Intel Security, and hosted by SANS. Register to attend the complimentary webcast:

Those who register for the webcast will also receive access to the published results paper developed by SANS analyst and cloud security expert, Dave Shackleford.

Tweet This

Learn best practices for securing content in private & public clouds. Webcast, 9/23 @ 1pm ET: #infosec

#Infosec Pros: What #cloud security & compliance practices are your colleagues recommending? Tune in 9/23,

Get Your 2015 Update: #CloudSecurity Survey Results Webcast, 9/23 @ 1pm ET: #infosec

SANS Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 60 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates a practitioner's qualifications via over 30 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (