News / Cloud /

Lessons learned from the Great Cloud Migration

Besides tapping into technologies like secure access service edge and zero trust network access amid an ongoing talent shortage, what can organizations do to secure — and optimize — their cloud systems for the remainder of the pandemic?

Share this article:

Lessons learned from the Great Cloud Migration

In so many ways over the past seven months, cloud has been a business saviour. The Great Cloud Migration was already well underway before COVID-19, but with millions of people forced out of their offices, it has proved its worth as the key to enabling remote work.

But what did enterprises learn during the first wave of COVID? How can they refine and optimize their cloud strategy as the pandemic continues around the globe?

Fresh data from Synergy Research shows global revenue from cloud services and infrastructure grew by $187 billion in the first half of 2020, up 20 per cent from the same period in 2019. Here’s a partial breakdown of growth rates for global spending during the first six months of this year:

  • 34% – IaaS, PaaS and hosted private cloud services
  • 21% – enterprise SaaS
  • 10% – hardware and software for public, private and hybrid cloud

A separate Synergy report details some monster growth rates in spending on cloud hosting and cloud-based collaboration tools during Q2 (April, May and June) of 2020:

  • 74% – SaaS for teams
  • 64% – SaaS for conferencing
  • 33% – CPaaS

Looking ahead, Synergy expects annual spending on cloud services to double within four years.

Cloud risks on the rise

Spending isn’t the only thing that’s risen during COVID-19. Unfortunately, cyber attacks targeting the cloud have also jumped dramatically.

For example, although 51 per cent of businesses in one U.K. survey said cloud helped keep their businesses afloat during lockdown, 39 per cent also reported an increase in security threats and risks to their cloud services and infrastructure due to the pandemic. A little more than half of the surveyed businesses believe work-from-home has increased insider threats such as employee accounts being hijacked.

To counter these rising security risks, organizations need to find infosec talent and make sure their existing IT pros have the most up-to-date cybersecurity skills for today’s technology landscape. Which brings us to another problem …

Cybersecurity talent shortage

Lessons learned from the Great Cloud Migration

Cybersecurity talent has always been in short supply and the pandemic has just exacerbated that. According to a new study by Harvey Nash/KPMG, cybersecurity is now the most sought-after technology skill in the world. Thirty-five per cent of CIOs polled worldwide say they need cybersecurity talent, marking the first time in more than a decade that cybersecurity has topped the global IT skills shortage list.

In addition to that, there’s growing concern for the IT professionals who are already holding down the fort. In the same study, eight in 10 CIOs say they’re worried about the mental health of their IT teams, and 58 per cent have put programs in place to support IT staff mental health during the pandemic.

With cloud and cybersecurity skills in high demand but short supply, and IT teams stretched to their limits, enterprises are facing a workforce crisis.

Cybersecurity talent gap

According to Gartner’s new report on the top nine security trends for 2020, “responding to COVID-19 remains the biggest challenge for most security organizations in 2020 … The shortage of technical security staff, the rapid migration to cloud computing, regulatory compliance requirements and the unrelenting evolution of threats continue to be the most significant ongoing major security challenges.”

In light of that, Gartner’s list of trends invokes technologies that may ease the current cybersecurity skills shortage somewhat, including:

  1. Automation: “Security process automation automates computer-centric security operations tasks based on predefined rules and templates … (to) eliminate repetitive tasks,” the report says. “Automated security tasks can be performed much faster, in a scalable way and with fewer errors.”
  2. SASE: “Secure access service edge (SASE) technology allows organizations to better protect mobile workers and cloud applications by routing traffic through a cloud-based security stack, versus backhauling the traffic so it flows through a physical security system in a data centre,” Gartner states in the report.
  3. Zero trust: Gartner says zero trust network access technology is starting to replace VPNs, which got a heavy workout when lockdowns necessitated working from home en masse.

“Emerging zero-trust network access (ZTNA) enables enterprises to control remote access to specific applications. This is a more secure option, as it ‘hides’ applications from the Internet — ZTNA only communicates to the ZTNA service provider, and can only be accessed via the ZTNA provider’s cloud service. This reduces the risk of an attacker piggybacking on the VPN connection to attack other applications,” the report says.

Read more:

5 ways to boost your cloud security practices
Is blockchain the key to cloud security?
Five facts about cloud access security brokers

Other cloud considerations

Besides tapping into technologies like SASE and ZTNA amid an ongoing talent shortage, what can organizations do to secure — and optimize — their cloud systems for the remainder of the pandemic?

Although most enterprises had already adopted cloud before COVID-19, many are taking time to specifically evaluate whether their providers can truly meet COVID-era service and security needs as the pandemic drags on indefinitely.

“The COVID-19 pandemic has left many organizations unsure whether their business continuity strategy is sufficiently robust,” Gartner analysts write in their latest magic quadrant report on cloud providers. The research firm lists “some hard questions” it says customers should ask of (and about) current or prospective providers:

  • Is the public cloud model sufficiently scalable and resilient to handle unforeseen spikes in demand?
  • Are supporting infrastructure requirements sufficiently robust to ensure continued access to services?
  • Is the telecommunications and networking infrastructure prepared to handle the increase in traffic volume as organizations leverage the Internet to access services?
  • Are there any concerns around the security (physical, perimeter, customer data) of cloud data centres as the workforce performing those functions are being asked to work from home?

The biggest question remains: how will enterprises find the cloud and cybersecurity skills they urgently need when attacks are rising and their teams are stretched thin already? Like everything with COVID-19, the search for answers continues.

Images: JuSun/iStock; PeopleImages/iStock

Share this article:
Comments are closed.