Enterprises Slow To Adopt Cloud Strategies, Risk Management

Cloud computing and risk management may be hot topics on the speaking circuit these days, but security professionals still aren't making much progress in implementing them, according to a study released today.

The study, which surveyed some 1,809 members of ISACA, an association of security professionals, found that 45 percent of respondents believe the security risks of cloud computing outweigh the benefits.

Only 10 percent of respondents' organizations plan to use cloud computing for mission-critical IT services, and one in four (26 percent) do not plan to use it for any IT services, the study says.

The online survey also gauged organizations' attitudes and behaviors related to IT risk management. According to IT professionals, only 22 percent of organizations are very effective at integrating IT risk management with their overall business risk management. The most common reason for practicing IT risk management was regulatory compliance (28 percent). Only 8 percent cited business drivers for risk management initiatives, such as improving the balance of risk taking with risk avoidance to improve return.

About 16 percent of respondents see cost management as a driver for risk management, while 9 percent see business change as the most important driver,nce, ISACA said.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.