Security practitioners are working to safeguard cloud computing environments but believe they need more education and training, according to a soon-to-be released study conducted by analyst firm Frost and Sullivan.
The 2011 Global Information Security Workforce Study set to be released next week at the annual RSA Conference in San Francisco, polled more than 10,000 security pros from 100 countries about the state of the industry, said global program director at Frost and Sullivan Rob Ayoub.
Cloud computing again will be a dominant theme at this year's RSA conference, according to several participants on the call. Expect other sessions to focus on cyberwarfare, mobile security, emerging threats from social media and privacy, said Hugh Thompson, program committee chair for the RSA conference.
Overall, 73 percent of respondents said they need new skills to deal with cloud, Ayoub said. More than 90 percent said they require a more detailed understanding of securing this technology, while approximately half of respondents want to bolster their contract negotiation skills with providers.
More than half of survey respondents said their organization is using some type of cloud computing, with 16 percent using public cloud services and 42 percent using software-as-a-service.
“We have been using things considered cloud computing for years, and the 50 percent who don't necessarily think they are using cloud probably are in some way,” Rich Mogull, CEO of research firm Securosis, said during the call.
“The business has a need to use these things, and if security can't keep up, they are going to be left behind.”
Delegates who are interested in the topic should focus their attention at the RSA show on sessions that promise to offer actual solutions to cloud computing challenges, Mogull added. Moreover, while speaking to security vendors, attendees should ask for specifics about how their product can help to secure cloud infrastructures.
Frost and Sullivan's study covered threats and challenges, technology solutions, job skills, security budgets, hiring outlooks and salaries.