When we think about cryptographic keys, we tend to think about closely guarded secrets. Keys are the only thing that keeps the attacker away from your encrypted data. Some keys are usually treated with the appropriate level of respect. Security professionals in the payments industry, or those that have deployed a PKI, know all too well about the importance... 

Richard Moulds

Cloud Security Still Top Priority For Finance Execs

Cloud Security Still Top Priority For Finance Execs

In the wake of the recent Sony PlayStation hack, Amazon EC2 outage and Epsilon data theft, information security is once again back in the news – for all the wrong reasons.

The web has become a playground for hackers and malcontents eager to phish, defraud and steal wherever and whenever they can. Policing this landscape is a logistical nightmare, and battle lines are being drawn and redrawn many thousands of times a day – which perhaps hints at why many of us are still uncomfortable with the idea of storing sensitive data in third-party environments.

That unease is only likely to have increased following the recent data breach in Sony’s PlayStation network, which compromised the personal data of more than 100 million customers of the Japanese electronics giant. This and other high-profile security snafus, such as a massive outage at Amazon’s cloud computing centre, have caused some businesses to put the brakes on plans to move their operations into the cloud.

There still exists a level of concern over the cloud,” admits Crawford del Prete, Executive Vice President of Worldwide Products and Chief Research Officer at research giant IDC. “There is a need for quite a bit more maturation in terms of people’s experiences with it. When we conduct our surveys, we find that security and uncertainty around what data to put into the cloud are consistently at the top of people’s concerns.”

In a 2010 report by the Ponemon Institute in California, a mere 33 percent of the 1000 IT professionals surveyed trusted the security of cloud-hosting data centres. What’s more, such skepticism seems justified: in a more recent study released last month, Ponemon found that providers of cloud computing resources are not focused on security in the cloud. Rather, their priority is delivering the features their customers want, such as low-cost solutions with fast deployment that improve customer service and increase the efficiency of the IT function. “As a result,” says the report, “providers in our study conclude that they cannot warrant or provide complete assurance that their products or services are sufficiently secure.

Such findings highlight a concern many technology executives share: will external software providers have the firm’s best interests at heart? “If we pick a vendor to host our stuff, are they going to have the right maturity, the right service levels, the ability to pay the same amount of attention as we do to our own environments today?” asks Richard Scott, CTO at Guardian Life Insurance Company. “Are we going to get the same or better or a guaranteed level of service?”

Nonetheless, given that a report published by the Centre for Economics and Business Research suggests cloud computing will allow financial services business to break free from the shackles of old legacy IT, generate some US$250 billion and create a staggering 207,000 jobs, technology and finance executives – along with their colleagues in legal, business and other related departments – will need to work together to eliminate such concerns. Much of this work has already begun: CEBR’s Cloud Dividend report predicts that 60-80 percent of all businesses in the banking, financial and business services sector will have adopted some form of cloud computing by 2015.

As such, as technology evolves – and despite the potential for further security breaches in future – comfort levels with the cloud environment are likely to increase in time as security concerns are addressed. “The future of the cloud will be driven forward by technology and comfort levels, but it will also be pulled back by technology and comfort levels,” says del Prete. “There will be security breaches where all of a sudden people will quickly lose faith in the cloud, and then they will go back to it and slowly become more comfortable again.”

Scott, too, is optimistic that these are just kinks that will work themselves out with time. “As the technology evolves and security techniques become tried and tested, these concerns will go away,” he insists. “I don’t think that there’s anything that will stop the future adoption of cloud services.”

Ensuring security in a cloud-based environment will no doubt be top of the list of issues delegates will be discussing at the Government CIO Summit 2011 which takes place at the Landsdowne Resort, Leesburg, Virginia from 8-10 June 2011.

This closed-door summit, hosted by GDS International, also features some of the leading voices in the government CIO sector, including Bernard Mazer, CIO Department of the Interior; Vance Hitch, CIO Department of Justice; Rick Holgate, CIO Alcohol Tobacco and Firearms (ATF); Henry Chao, CIO Health and Human Services, and Sean Moulton, Director of Federal Information Policy, Office of Management and Budget.

Along with cloud computing, other key topics for discussion include secure access and visibility for data centre performance, security and compliance and federal financial management performance imperatives.

Government CIO Summit 2011 is an exclusive C-level event reserved for 100 participants that includes expert workshops, facilitated roundtables, peer-to-peer networks and co-ordinated meetings.

For more information, visit

Contribution Article By GDS International


GDS International is a leading business-to-business events company. We offer financial, healthcare, IT service management, telecoms and oil and gas summits for senior executives throughout the Asia Pacific, Africa, China, Europe, North America and Russia markets. Our value proposition is simple: we deliver real results. And we’re very good at it.


About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as technology related infographics and comics.