19 Cloud Computing Statistics That Will Keep You Awake at Night
1 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 51 vote, average: 5.00 out of 5 (1 votes, average: 5.00 out of 5, rated)
Loading...

19 Cloud Computing Statistics That Will Keep You Awake at Night

Cloud adoption rates are increasing by the day as more businesses take advantage of everything the cloud has to offer. But along with the benefits the cloud offers, it also brings increasing security risks. Here’s a list of 19 cloud adoption and security statistics you should know in 2021 and beyond

As kids, it’s fun to lay outside with family or friends and stare up at the sky. You look for fun and exciting shapes and characters in the clouds. But as adults, particularly those working in IT security for enterprises, we look to “clouds” in a different way — both as a source of scalable storage and as a means of delivering services in our digital world. This is particularly true when it comes to increasing remote work requirements since Covid-19 first reared its ugly head nearly two years ago.

However, as you know, the cloud has its ups and downs when it comes to security and usages. That’s why we’ve put together a list of 19 attention-grabbing cloud computing statistics — this will cover data relating to cloud adoption, cloud security, and other informative statistics.

Let’s hash it out.

What we’re hashing out…

  1. Cloud adoption rates are increasing by the day as more businesses take advantage of everything the cloud has to offer. But along with the benefits the cloud offers, it also brings increasing security risks. Here’s a list of 19 cloud adoption and security statistics you should know in 2021 and beyond
    1. Cloud Adoption Statistics
      1. 1. 92% Enterprises Have a Multi-Cloud Strategy in Place
        1. 2. Two-Thirds of Organizations Will Be Less Individual Vendor-Dependent Within 3 Years
          1. 3. 52% of Organizations Identify Cloud-Based Services as Factor in PKI Growth
            1. 4. Cloud Ranks #1 As Preferred Security Technology Deployment Method
            2. Cloud Computing Statistics Relating to Costs
              1. 5. Rising Cloud Account Compromises Cost Businesses ~$6.2 Million Over 12 Months
                1. 6. 60% of I&O Leaders Will Experience Budget Issues Due to Public Cloud Cost Overruns
                  1. 7. 59% of Organizations Spend Up to $12 Million a Year on Public Cloud
                    1. 8. 31% of Organizations Are Spending More Than $50 Million on Cloud Infrastructure
                    2. Cloud Security Statistics
                      1. 9. 98% of Organizations Experienced a Cloud Security Breach in Past 18 Months
                        1. 10. 72% of IT Security Leaders Rank Cloud as Top Digital Transformation Priority
                          1. 11. ~90% of Data Breaches Target Servers
                            1. 12. 96% of Web App Attack-Based Mail Server Compromises Involve the Cloud
                              1. 13. Hybrid Cloud Data Breaches Cost $1.19 Million Less Than Those Affecting Public Clouds
                                1. 14. Cloud Misconfigurations Represents 15% of Initial Attack Vectors in Data Breaches
                                  1. 15. 65% of Cloud Network Security Incidents Stem from User Error
                                    1. 16. 30% of Organizations Don’t Use Adequate Cloud Security Controls
                                      1. 17. 83% of Cloud Breaches Stem From Access Vulnerabilities
                                      2. Cloud Computing Statistics: What Types of Data Organizations Store in the Cloud
                                        1. 18. 51.9% of Organizations Store Employee Records in the Public Cloud
                                          1. 19. SMBs Have 64% of Workloads in Public Cloud; Enterprises Have 47%
                                          2. Cloud Computing, Adoption and Security Statistics in 2021 — TL;DR

                                            Cloud Adoption Statistics

                                            When it comes to cloud adoption, you must decide whether it’s better for your business to use a single cloud provider or work with multiple cloud providers. Part of this decision entails choosing whether to use in-house resources (on-prem), cloud, or perhaps a hybrid approach.

                                            There’s no right or wrong answer — that decision is something you must determine the answer to based on factors that include your budget, needs, and in-house resources (including personnel).  

                                            1. 92% Enterprises Have a Multi-Cloud Strategy in Place

                                            Data from Flexera’s 2021 State of the Cloud Report shows that nine in 10 enterprises are taking a multi-cloud strategy approach. Within that group, more than 80% of enterprises report having a hybrid cloud strategy in place.  

                                            Cloud computing statistics pie chart: A pie chart that shows the breakdown of whether companies use single public, multi-cloud or single private cloud strategies. Data is from Flexera's 2021 State of the Cloud Report.
                                            Data source: Flexera’s 2021 State of the Cloud Report.

                                            2. Two-Thirds of Organizations Will Be Less Individual Vendor-Dependent Within 3 Years

                                            Organizations that have multi-cloud strategies are less likely to be dependent upon individual vendors. Gartner’s 4 Trends Impacting Cloud Adoption in 2020 report shows that by 2024, nearly two in three organizations will use more than one vendor.

                                            Furthermore, data from a separate Gartner survey also shows that 81% of public cloud users currently use two or more cloud providers. However, their research also predicts that 50% of the public cloud market will be controlled by the 10 biggest providers by 2023.

                                            3. 52% of Organizations Identify Cloud-Based Services as Factor in PKI Growth

                                            Every day, the cloud is playing a larger role in organizations’ operations and services, and businesses are increasingly turning to PKI to provide identity and security. In their 2021 State of Machine Identity Management report, Keyfactor and the Ponemon Institute report that more than half of organizations report cloud-based services as the impetus for public key infrastructure deployment and usage growth rates. This is followed by:

                                            • Zero-trust security strategy (50%),
                                            • Remote workforce needs (43%), and
                                            • IoT devices (43%).

                                            4. Cloud Ranks #1 As Preferred Security Technology Deployment Method

                                            Cynet’s 2021 Survey of CISOs with Small Cyber Security Teams shows that companies with smaller security teams are looking primarily to the cloud (57%) as a means of implementing security technologies. This top-ranking priority is followed by on-prem (21%) and hybrid (13%).

                                            By outsourcing resource-intensive processes like managing in-house IT infrastructure, companies can free up their limited personnel to focus on other priorities.

                                            Cloud Computing Statistics Relating to Costs

                                            Whether it’s the cost of running servers or having the personnel in place to manage them, everything costs money — and prices are increasing. With this in mind, let’s explore some of the cloud computing-related costs for businesses.

                                            5. Rising Cloud Account Compromises Cost Businesses ~$6.2 Million Over 12 Months

                                            Data from Proofpoint and the Ponemon Institute’s report The Cost of Cloud Compromise and Shadow IT shows that security incidents cost businesses a pretty penny. Their survey of 662 U.S. IT and IT sec professionals shows that cloud account compromises cost an average of more than $6.2 million over 12 months. 86% of the surveyed organizations said cloud account compromises cost them at least $500,000.

                                            To put this into context, the cost of cloud account compromises averages out to be 3.5% of their total revenues within the same period.  

                                            6. 60% of I&O Leaders Will Experience Budget Issues Due to Public Cloud Cost Overruns

                                            Cloud migration can cost a pretty penny, but not all organizations properly plan for the expenses. While organizations often plan for the direct costs associated with this process, planning for indirect costs can fall through the cracks. As such, Gartner’s cloud migration cost research predicts that almost two in three infrastructure and operations (I&O) leaders through 2024 will experience public cloud migration cost overruns that will take a toll on their on-prem budgets.

                                            7. 59% of Organizations Spend Up to $12 Million a Year on Public Cloud

                                            Flexera reports in their 2021 State of the Cloud Report that 30% of the organizations they surveyed have annual public cloud spends ranging between $2.4 million and $12 million. Another 31% of their survey respondents indicate they spent more than $12 million a year!

                                            Based on the estimate of $12 million a year, that means these large organizations are spending an average of $32,876.72 a day on public cloud.

                                            Cloud computing statistics pie chart: This graphic breaks down the annual public cloud spend for businesses. Data is from Flexera's 2021 State of the Cloud Report.
                                            Data source: Flexera’s 2021 State of the Cloud Report

                                            8. 31% of Organizations Are Spending More Than $50 Million on Cloud Infrastructure

                                            $50 million — that’s more money than some business owners will ever see in their entire lifetimes. But according to research from IDC and the cloud infrastructure security company Ermetic, that number is just the annual cloud infrastructure expenses for some companies. Their research also shows that 71% of businesses invest up to $50 million a year to expand their cloud infrastructures.

                                            Cloud Security Statistics

                                            Cloud security is integral to your organization’s overall security health. Let’s explore some relevant cloud security statistics and data to give you a better view of what this sector of the industry looks like.

                                            9. 98% of Organizations Experienced a Cloud Security Breach in Past 18 Months

                                            Would you believe me if I told you that nearly all organizations have experienced a cloud data breach within the previous year and a half? Data from IDC and Ermetic shows that almost all the organizations (98%) they surveyed experienced a minimum of one cloud data breach in that period. Their study involved 200 CISOs and other security decision-makers from U.S. companies.

                                            The report indicates that this rose nearly 20% from their 2020 survey in which “only” 79% of respondents indicated the same.

                                            10. 72% of IT Security Leaders Rank Cloud as Top Digital Transformation Priority

                                            In early 2021, Keyfactor hired the Ponemon Institute to conduct a survey of 100 North American IT security execs to better understand their zero-trust strategy priorities and where public key infrastructure fits in:

                                            • 72% of IT security leaders rank cloud as their organizations’ top digital transformation priority,
                                            • 66% already use PKI automation or are in the midst of deploying it within their organizations, and
                                            • 49% list a cloud-first PKI deployment approach as their third-highest priority (behind certificate lifecycle automation [56%] and PKI visibility [71%]).

                                            11. ~90% of Data Breaches Target Servers

                                            Verizon’s 2021 Data Breach Investigations Report (DBIR) shows that servers lead the way in terms of being the top assets targeted in data breaches. Web application servers took the lead as the primary breach target, encompassing more than 50% of breaches; mail servers came in second with ~25% of data breaches targeting them.

                                            “Compromised external cloud assets were more common than on-premises assets in both incidents and breaches. Conversely, there was a decline of user devices (desktops and laptops) being compromised. This makes sense when we consider that breaches are moving toward Social and Web application vectors, such as gathering credentials and using them against cloud-based email systems.” Verizon 2021 DBIR Executive Brief

                                            12. 96% of Web App Attack-Based Mail Server Compromises Involve the Cloud

                                            More than 50% of the web app attack-based data breaches Verizon analyzed in their 2021 Data Breach Investigations Report (DBIR) involve mail server compromises. Of those compromised, the overwhelming majority (96%) were cloud-based mail servers.

                                            13. Hybrid Cloud Data Breaches Cost $1.19 Million Less Than Those Affecting Public Clouds

                                            Data from IBM and the Ponemon Institute’s 2021 Cost of a Data Breach report shows that the average cost of a data breach for a hybrid cloud environment is $3.61 million. This average cost is less than other cloud environments (i.e., on-prem, private, and public clouds). The average total cost of a data breach for businesses globally was $4.24 million.

                                            Cloud security statistics graphic: A bar chart breakdown showcasing the average total costs of data cloud-based data breaches by cloud type.
                                            Data source: IBM and the Ponemon Institute’s 2021 Cost of a Data Breach Report.

                                            14. Cloud Misconfigurations Represents 15% of Initial Attack Vectors in Data Breaches

                                            IBM’s 2021 Cost of a Data Breach report shows that cloud misconfigurations were the third most common initial attack vector in the breaches they analyzed. These types of data breaches require an average of 186 days to identify and another 65 to contain. The price tag accompanying this attack vector? A cool $3.86 million in total costs.

                                            Needless to say, these types of cloud security statistics underscore the importance of having strong security measures, processes, and policies in place. Having these resources in place can help you avoid “oops” situations that put your company, data, and reputation at risk. 

                                            15. 65% of Cloud Network Security Incidents Stem from User Error

                                            It’s no secret that security misconfigurations are a big issue for businesses. But Palo Alto’s Unit 42 2H 2020 research indicates that two in three security-related incidents are due to misconfigurations. But that’s still lower than estimates from Gartner, which estimates that 99% of cloud security failures through 2025 will be the customers’ fault — pointing to the idea that misconfigurations are a much bigger issue.   

                                            16. 30% of Organizations Don’t Use Adequate Cloud Security Controls

                                            Palo Alto’s Unit 42 Cloud Threat Report 1H 2021 data shows that nearly one in three organizations fail to implement proper security measures in the cloud. These controls are what help to protect cloud environments against attacks and mitigate vulnerabilities.

                                            17. 83% of Cloud Breaches Stem From Access Vulnerabilities

                                            Access security measures are the locks on your doors and the walls around your castle. But data from IDC and Ermetic shows that access-related vulnerabilities cause four in five cloud data breaches. The top-ranking industries? Healthcare, Utilities, and Media.

                                            Overall, their report also shows that larger companies are more at risk of experiencing these security issues than businesses with fewer employees. (60% of businesses with 10,000 or more employees cite access as their leading factor for causing cloud breaches.) This makes sense, considering that they have much larger attack surfaces than their smaller business counterparts.

                                            Cloud Computing Statistics: What Types of Data Organizations Store in the Cloud

                                            Before we jump into the data, ask yourself: what types of data are you storing in the cloud? And what steps are you taking to ensure that data remains secure?

                                            When it comes to cloud storage, organizations store everything from employees’ and customers’ sensitive information to intellectual property and trade secrets. Let’s explore some key cloud computing and usage statistics relating to stored data.

                                            18. 51.9% of Organizations Store Employee Records in the Public Cloud

                                            Frankly, storing sensitive data in the cloud is always risky — this is why companies that choose to do so need to take extra precautions in terms of how they secure that data. According to SAN’s 2021 Cloud Security Survey data from a presentation sponsored by Blue Hexagon, the top three types of sensitive or regulated data that companies store include:

                                            • Employee records (52.9%),
                                            • Business intelligence data (51.1%), and
                                            • Business records — finance and accounting (50.2%).

                                            19. SMBs Have 64% of Workloads in Public Cloud; Enterprises Have 47%

                                            Flexera’s 2021 State of the Cloud Report data shows that almost half of enterprises’ workloads (47%) and data (44%) are currently stored in public cloud environments. These organizations aim to add another 8% and 7%, respectively, to the cloud within the following 12 months.

                                            Compare this to SMB respondents, who say they have 64% of workloads and 59% of data in the public cloud now, and that they plan to add another 5% of workloads and 8% of data within 12 months.

                                            Cloud Computing, Adoption and Security Statistics in 2021 — TL;DR

                                            It’s obvious you’re in a rush if you’ve skipped right to this section. As such, we’ve put together a brief highlights list of the top five cloud computing statistics to note from the list above:

                                            • Keyfactor data shows that 52% of organizations see cloud-based services as a factor in the growth of their public key infrastructures.
                                            • IBM and the Ponemon Institute report that the average cost of a hybrid cloud data breach is $3.61 million.
                                            • IDC and Ermetic report that 98% of organizations suffered at least one cloud security breach in the previous 18 months.
                                            • Palo Alto reports that one in three organizations fail to implement proper security measures in the cloud.
                                            • Gartner data shows that 60% of I&O leaders point to public cloud overrun costs as a source of budgetary headaches.

                                            As always, feel free to leave a comment and share your most notable cloud security statistics and cloud computing statistics below…

                                            Be the first to comment

                                            Leave a Reply

                                            Your email address will not be published. We will only use your email address to respond to your comment and/or notify you of responses. Required fields are marked *

                                            Captcha *

                                            Author

                                            Casey Crane

                                            Casey Crane is a regular contributor to (and managing editor of) Hashed Out with 15+ years of experience in journalism and writing, including crime analysis and IT security. Casey also serves as the Content Manager at The SSL Store.