Operational risk trumps cybersecurity concerns when businesses move to the cloud


Despite the proven benefits of moving to the cloud, many businesses are still avoiding the move due to fears about cybersecurity risks. A recent survey by Palo Alto Networks found that in Australia, moving to the cloud is considered the second biggest cybersecurity challenge for organisations (36 per cent of respondents). (see reference 1 below)

However, with security arguably stronger in the cloud than on-premise, businesses should be more concerned about addressing the operational risk, according to Palo Alto Networks.

Philip Dimitriu, Director of Systems Engineering, ANZ, Palo Alto Networks, said, “If organisations have the right technology in place, security shouldn’t be an issue. Moving to the cloud is an integral part of business growth: it helps address the need for compute and storage resources, and provides agility, scalability, and global reach.

“Moving to the public cloud means handing over the organisation’s data to a third party, which can make some business leaders nervous. That doesn’t have to be the case because, in most instances, data is more secure in the cloud. And, while it’s not possible to stop all cyberattacks regardless of whether data resides in the cloud or on-premise, it is possible to reduce the risk substantially.”

Business leaders should be more concerned with operational risk when it comes to cloud adoption. This refers not just to data security but to issues around the performance of applications in the cloud. If the business can’t use certain applications because of performance issues, this can have a significant knock-on effect that makes it difficult to conduct business as usual.

Similarly, if data stored in the cloud isn’t available when business users need it, this can impact the business’s ability to fulfil orders and provide a high standard of service.

Philip Dimitriu said, “Moving to the cloud should deliver operational improvements. If the service provider can’t guarantee uptime and performance, as well as security, then it defeats the purpose: the business may as well have kept everything on-premise. Downtime and poor performance can directly affect the business’s bottom line, so it’s essential for decision-makers to address this upfront with providers.

“Decision-makers need to ensure there are legal agreements, including service level agreements, in place that cover questions of uptime, liability, performance, and data ownership. They must then regularly review the relationship to ensure it continues to serve the business needs. By doing these things, organisations can overcome the potential operational risks and achieve the transformational benefits of moving to the cloud. Cloud security should not be seen as an inhibitor, but instead as an enabler to cloud service adoption.”

1)  The State of Cybersecurity in Asia-Pacific report, by Palo Alto Networks interviewed over 500 respondents in APAC, covering Australia, China, Hong Kong, India, and Singapore markets. This included over 100 respondents from Australia. The number one issue highlighted with cybersecurity was employees’ lack of awareness (41 per cent) and third was having legacy IT systems (31 per cent).