Security practitioners are working to safeguard cloud computing environments but believe they need more education and training, according to a soon-to-be released study conducted by analyst firm Frost & Sullivan.
The “2011 Global Information Security Workforce Study,” set to be released next week at the annual RSA Conference in San Francisco, polled more than 10,000 security pros from 100 countries about the state of the industry, Rob Ayoub, global program director at Frost & Sullivan, said Wednesday during a pre-show analyst conference call.
Cloud computing again will be a dominant theme at this year's RSA conference, according to several participants on the call. Expect other sessions to focus on cyberwarfare, mobile security, emerging threats from social media and privacy, said Hugh Thompson, program committee chair for the RSA conference.
Overall, 73 percent of respondents said they need new skills to deal with cloud, Ayoub said. More than 90 percent said they require a more detailed understanding of securing this technology, while approximately half of respondents want to bolster their contract negotiation skills with providers.
More than half of survey respondents said their organization is using some type of cloud computing, with 16 percent using public cloud services and 42 percent using software-as-a-service.
“We have been using things considered cloud computing for years, and the 50 percent who don't necessarily think they are using cloud probably are in some way,” Rich Mogull, CEO of research firm Securosis, said during the call. “The business has a need to use these things, and if security can't keep up, they are going to be left behind.”
Attendees who are interested in the topic should focus their attention at the RSA show on sessions that promise to offer actual solutions to cloud computing challenges, Mogull added. Moreover, while speaking to security vendors, attendees should ask for specifics about how their product can help to secure cloud infrastructures.
Meanwhile, the Frost & Sullivan study, described as the world's largest survey of information security professionals, also covers current threats and challenges, technology solutions, job skills, security budgets, hiring outlooks and salaries.
Findings are to be discussed at the conference at 10 a.m. Feb. 17 during a panel that will include Ayoub; Hord Tipton, executive director of security certification body ISC(2); Joyce Brocaglia president and CEO of staffing firm Alta Associates and Alan Paller, director of research at the SANS Institute.