Cloud adoption rates are increasing by the day as more businesses take advantage of everything the cloud has to offer. But along with the benefits the cloud offers, it also brings increasing security risks. Here’s a list of 19 cloud adoption and security statistics you should know in 2021 and beyond
As kids, it’s fun to lay outside with family or friends and stare up at the sky. You look for fun and exciting shapes and characters in the clouds. But as adults, particularly those working in IT security for enterprises, we look to “clouds” in a different way — both as a source of scalable storage and as a means of delivering services in our digital world. This is particularly true when it comes to increasing remote work requirements since Covid-19 first reared its ugly head nearly two years ago.
However, as you know, the cloud has its ups and downs when it comes to security and usages. That’s why we’ve put together a list of 19 attention-grabbing cloud computing statistics — this will cover data relating to cloud adoption, cloud security, and other informative statistics.
Let’s hash it out.
Cloud Adoption Statistics
When it comes to cloud adoption, you must decide whether it’s better for your business to use a single cloud provider or work with multiple cloud providers. Part of this decision entails choosing whether to use in-house resources (on-prem), cloud, or perhaps a hybrid approach.
There’s no right or wrong answer — that decision is something you must determine the answer to based on factors that include your budget, needs, and in-house resources (including personnel).
1. 92% Enterprises Have a Multi-Cloud Strategy in Place
Data from Flexera’s 2021 State of the Cloud Report shows that nine in 10 enterprises are taking a multi-cloud strategy approach. Within that group, more than 80% of enterprises report having a hybrid cloud strategy in place.
2. Two-Thirds of Organizations Will Be Less Individual Vendor-Dependent Within 3 Years
Organizations that have multi-cloud strategies are less likely to be dependent upon individual vendors. Gartner’s 4 Trends Impacting Cloud Adoption in 2020 report shows that by 2024, nearly two in three organizations will use more than one vendor.
Furthermore, data from a separate Gartner survey also shows that 81% of public cloud users currently use two or more cloud providers. However, their research also predicts that 50% of the public cloud market will be controlled by the 10 biggest providers by 2023.
3. 52% of Organizations Identify Cloud-Based Services as Factor in PKI Growth
Every day, the cloud is playing a larger role in organizations’ operations and services, and businesses are increasingly turning to PKI to provide identity and security. In their 2021 State of Machine Identity Management report, Keyfactor and the Ponemon Institute report that more than half of organizations report cloud-based services as the impetus for public key infrastructure deployment and usage growth rates. This is followed by:
- Zero-trust security strategy (50%),
- Remote workforce needs (43%), and
- IoT devices (43%).
4. Cloud Ranks #1 As Preferred Security Technology Deployment Method
Cynet’s 2021 Survey of CISOs with Small Cyber Security Teams shows that companies with smaller security teams are looking primarily to the cloud (57%) as a means of implementing security technologies. This top-ranking priority is followed by on-prem (21%) and hybrid (13%).
By outsourcing resource-intensive processes like managing in-house IT infrastructure, companies can free up their limited personnel to focus on other priorities.
Cloud Computing Statistics Relating to Costs
Whether it’s the cost of running servers or having the personnel in place to manage them, everything costs money — and prices are increasing. With this in mind, let’s explore some of the cloud computing-related costs for businesses.
5. Rising Cloud Account Compromises Cost Businesses ~$6.2 Million Over 12 Months
Data from Proofpoint and the Ponemon Institute’s report The Cost of Cloud Compromise and Shadow IT shows that security incidents cost businesses a pretty penny. Their survey of 662 U.S. IT and IT sec professionals shows that cloud account compromises cost an average of more than $6.2 million over 12 months. 86% of the surveyed organizations said cloud account compromises cost them at least $500,000.
To put this into context, the cost of cloud account compromises averages out to be 3.5% of their total revenues within the same period.
6. 60% of I&O Leaders Will Experience Budget Issues Due to Public Cloud Cost Overruns
Cloud migration can cost a pretty penny, but not all organizations properly plan for the expenses. While organizations often plan for the direct costs associated with this process, planning for indirect costs can fall through the cracks. As such, Gartner’s cloud migration cost research predicts that almost two in three infrastructure and operations (I&O) leaders through 2024 will experience public cloud migration cost overruns that will take a toll on their on-prem budgets.
7. 59% of Organizations Spend Up to $12 Million a Year on Public Cloud
Flexera reports in their 2021 State of the Cloud Report that 30% of the organizations they surveyed have annual public cloud spends ranging between $2.4 million and $12 million. Another 31% of their survey respondents indicate they spent more than $12 million a year!
Based on the estimate of $12 million a year, that means these large organizations are spending an average of $32,876.72 a day on public cloud.
8. 31% of Organizations Are Spending More Than $50 Million on Cloud Infrastructure
$50 million — that’s more money than some business owners will ever see in their entire lifetimes. But according to research from IDC and the cloud infrastructure security company Ermetic, that number is just the annual cloud infrastructure expenses for some companies. Their research also shows that 71% of businesses invest up to $50 million a year to expand their cloud infrastructures.
Cloud Security Statistics
Cloud security is integral to your organization’s overall security health. Let’s explore some relevant cloud security statistics and data to give you a better view of what this sector of the industry looks like.
9. 98% of Organizations Experienced a Cloud Security Breach in Past 18 Months
Would you believe me if I told you that nearly all organizations have experienced a cloud data breach within the previous year and a half? Data from IDC and Ermetic shows that almost all the organizations (98%) they surveyed experienced a minimum of one cloud data breach in that period. Their study involved 200 CISOs and other security decision-makers from U.S. companies.
The report indicates that this rose nearly 20% from their 2020 survey in which “only” 79% of respondents indicated the same.
10. 72% of IT Security Leaders Rank Cloud as Top Digital Transformation Priority
In early 2021, Keyfactor hired the Ponemon Institute to conduct a survey of 100 North American IT security execs to better understand their zero-trust strategy priorities and where public key infrastructure fits in:
- 72% of IT security leaders rank cloud as their organizations’ top digital transformation priority,
- 66% already use PKI automation or are in the midst of deploying it within their organizations, and
- 49% list a cloud-first PKI deployment approach as their third-highest priority (behind certificate lifecycle automation [56%] and PKI visibility [71%]).
11. ~90% of Data Breaches Target Servers
Verizon’s 2021 Data Breach Investigations Report (DBIR) shows that servers lead the way in terms of being the top assets targeted in data breaches. Web application servers took the lead as the primary breach target, encompassing more than 50% of breaches; mail servers came in second with ~25% of data breaches targeting them.
“Compromised external cloud assets were more common than on-premises assets in both incidents and breaches. Conversely, there was a decline of user devices (desktops and laptops) being compromised. This makes sense when we consider that breaches are moving toward Social and Web application vectors, such as gathering credentials and using them against cloud-based email systems.” — Verizon 2021 DBIR Executive Brief
12. 96% of Web App Attack-Based Mail Server Compromises Involve the Cloud
More than 50% of the web app attack-based data breaches Verizon analyzed in their 2021 Data Breach Investigations Report (DBIR) involve mail server compromises. Of those compromised, the overwhelming majority (96%) were cloud-based mail servers.
13. Hybrid Cloud Data Breaches Cost $1.19 Million Less Than Those Affecting Public Clouds
Data from IBM and the Ponemon Institute’s 2021 Cost of a Data Breach report shows that the average cost of a data breach for a hybrid cloud environment is $3.61 million. This average cost is less than other cloud environments (i.e., on-prem, private, and public clouds). The average total cost of a data breach for businesses globally was $4.24 million.
14. Cloud Misconfigurations Represents 15% of Initial Attack Vectors in Data Breaches
IBM’s 2021 Cost of a Data Breach report shows that cloud misconfigurations were the third most common initial attack vector in the breaches they analyzed. These types of data breaches require an average of 186 days to identify and another 65 to contain. The price tag accompanying this attack vector? A cool $3.86 million in total costs.
Needless to say, these types of cloud security statistics underscore the importance of having strong security measures, processes, and policies in place. Having these resources in place can help you avoid “oops” situations that put your company, data, and reputation at risk.
15. 65% of Cloud Network Security Incidents Stem from User Error
It’s no secret that security misconfigurations are a big issue for businesses. But Palo Alto’s Unit 42 2H 2020 research indicates that two in three security-related incidents are due to misconfigurations. But that’s still lower than estimates from Gartner, which estimates that 99% of cloud security failures through 2025 will be the customers’ fault — pointing to the idea that misconfigurations are a much bigger issue.
16. 30% of Organizations Don’t Use Adequate Cloud Security Controls
Palo Alto’s Unit 42 Cloud Threat Report 1H 2021 data shows that nearly one in three organizations fail to implement proper security measures in the cloud. These controls are what help to protect cloud environments against attacks and mitigate vulnerabilities.
17. 83% of Cloud Breaches Stem From Access Vulnerabilities
Access security measures are the locks on your doors and the walls around your castle. But data from IDC and Ermetic shows that access-related vulnerabilities cause four in five cloud data breaches. The top-ranking industries? Healthcare, Utilities, and Media.
Overall, their report also shows that larger companies are more at risk of experiencing these security issues than businesses with fewer employees. (60% of businesses with 10,000 or more employees cite access as their leading factor for causing cloud breaches.) This makes sense, considering that they have much larger attack surfaces than their smaller business counterparts.
Cloud Computing Statistics: What Types of Data Organizations Store in the Cloud
Before we jump into the data, ask yourself: what types of data are you storing in the cloud? And what steps are you taking to ensure that data remains secure?
When it comes to cloud…
19 Cloud Computing Statistics That Will Keep You Awake at Night