AWS Debunks Cloud Security Myths

Contrary to popular notions that micro, small and medium enterprises aren’t taking to cloud technologies, a new survey has sought to debunk this theory while also busting some myths over the entire cloud-first approach to digital infrastructure and cybersecurity. 

The survey, conducted by Amazon Web Services, reached out to more than 800 top executives working in small and medium enterprises across the world and found that as many as 35% of the respondents had described investments in data security as not being a strategic priority. In a podcast, AWS says cybersecurity could seem to be an added cost instead of a direct contributor to growth and revenue. 

In a related post published by SDxCentral, Ben Schreiner, AWS head of business innovation for SMEs in the US, notes that while business owners juggle numerous priorities such as cash flows and talent recruitment, security needs to be seen as a strategic priority, because, if anything, they are more vulnerable and less likely to be able to afford a disruption.  

“Whether you’re in the cloud or not, security just has to be a higher priority than it ever has been. There’s too many bad guys out there and they don’t care how big your company is,” he added. “And unfortunately, the small and medium businesses don’t have as much security as the big banks, let’s compare. And so they’re easier targets, unfortunately, for the bad actors, the official was quoted as saying.”

Busting a few myths on cloud security options

The survey also found that more than 40% of the enterprise hadn’t provided security training to their staff, while 43% were planning to embark on this route in 2024. This is a strict no-no, given the fact that there are several free cloud security trainings available online with AWS too providing cybersecurity certifications in this field. 

Another myth around cloud security came to the fore when more than half the respondents felt that migration to the cloud is harder and more of a risk. They felt on-premises solutions were more familiar and therefore safer. AWS leaders have sought to bust this myth by noting that the cloud offers better flexibility and scalability to manage security. 

According to Schreiner, companies carry several legacy tools in the cybersecurity area and when they approach a cloud security provider, they can actually reduce this number and simplify the process as well as have better all round visibility of their cybersecurity framework.  

The biggest challenge is finding skilled resources

Another key misconception that broke forth following the survey is that close to a third of the respondents admitted to understanding their company’s security risks and compliance needs but were unsure about how to go about it. Close to 40% of these respondents felt that absence of a skilled set of security resources was a challenge. 

From Schreiner’s point of view, getting staff for cybersecurity at small and medium enterprises was a tough act, given the challenges in terms of remuneration compared to large businesses. With a single person seldom responsible for taking decisions around security, it falls on everyone to share it and work towards ensuring data security.

However, there are several ways that small enterprises can fill the skills gap in this area. For starters, they can get specialized training for existing staff (such as the one we spoke about earlier that is available via AWS). The other option is to leverage expertise from other businesses and solutions to make their cybersecurity failproof.