Bethesda, Md. – Organizations need to keep security close to their data as it traverses cloud systems by controlling permissions and access to the data as well as encrypting it, according to a recent cloud security survey to be released by SANS Institute on September 23, 2015.

Forty percent of survey respondents said their organizations process or store data in the cloud, but in public cloud implementations, 27% reported having little or no support for response if cloud-based data were breached, corrupted or destroyed. Still, reliance on cloud services continues to increase. According to the survey, 80% of respondents either have or plan to have a software-as-a-service implementation within the next 12 months.

"Moving collaboration tools, email tools, managed services, and backup and recovery to the cloud solves some problems for organizations, but with that increased cloud functionality comes increased security risk," says SANS analyst and survey author Dave Shackleford. "With that migration, it is no longer an option, organizations have to secure their data in transit, at rest and in use."

Organizations that use cloud services also need better visibility into cloud providers' operations, an ability 58% said they lack, in order to keep up with the growing number of attacks focused specifically on cloud services and data. Security-as-a-service offerings may make some inroads in to providing better visibility. However, according to Shackleford, "Organizations need integrated monitoring capabilities across their hybrid environments and partnerships with public cloud providers for full-spectrum visibility and response."

Full results of the survey will be shared during a Wednesday, September 23, 2015, webcast at 1 PM EDT, sponsored by CloudPassage,, HP, and Intel Security, and hosted by SANS. Register to attend the complimentary webcast:

Those who register for the webcast will also receive access to the published results paper developed by SANS analyst and cloud security expert, Dave Shackleford.

Tweet This

Learn best practices for securing content in private & public clouds. Webcast, 9/23 @ 1pm ET: #infosec

#Infosec Pros: What #cloud security & compliance practices are your colleagues recommending? Tune in 9/23,

Get Your 2015 Update: #CloudSecurity Survey Results Webcast, 9/23 @ 1pm ET: #infosec

SANS Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions world-wide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cyber security training events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (