Cloud Security Statistics Every CIO Should Know

2019 Cloud Statistics

A new year brings new opportunities—and challenges. Just as in years past, some of the biggest challenges that organizations face will remain in the IT security realm. As the year drew to a close, we highlighted six IT security trends to expect in 2019, and provided a “year in review” highlighting cyberattacks and data breaches. Now that the new year is upon us, let’s look at six security statistics every CIO should know.


83% of enterprise workloads will be in the cloud by 2020.

The move to the cloud continues at a rapid pace for all organizations, with those traditionally slower to adopt new technologies also making the switch. The White House’s Cloud Smart initiative has federal, state, and local government agencies ramping up, with Bloomberg Government estimating that their cloud services market has grown from about $1.3 billion in 2010 to a projected $6.5 billion in 2018, a trend that is sure to continue.


Digitally transforming enterprises (63%) is the leading factor driving greater cloud engagement or adoption today.

According to a LogicMonitor survey, the top six factors driving cloud adoption today are: achieving IT agility (62%), excelling at DevOps (58%), improving mobility (55%), Artificial Intelligence (AI) and Machine Learning (50%) and the Internet of Things adoption (45%); in fact, Artificial Intelligence and Machine Learning are predicted to be the number one factor driving greater cloud computing adoption by 2020. Regardless of their rationale for making the switch, with a majority of organizations digitally transforming it will likely be a “do-or-die” situation for other companies to effectively compete.


66% of IT professionals say security is their most significant concern in adopting an enterprise cloud computing strategy.

While most experts agree that enterprises actually benefit from the protections built into the cloud, security continues to worry CIOs, and a look at the alarming rise in malware likely has something to do with it. Over 3 million cryptojacking attacks occurred between January and May of 2018, and the number of cryptojacking malware variants grew from 8 in 2017 to 25 in 2018; in 2017, there were 7.5 million DDoS attacks, and due to the ease of execution, there’s no reason to think 2019 will be any different. Additionally, ransomware is expected to attack a business every 14 seconds by the end of 2019, costing the world $11.5 billion in damages.

And yet, despite these statistics…


At least 95% of cloud security failures will be a result of the user, not the cloud provider.

Fear over cloud security remains a top concern for many organizations.

However, according to Jay Heiser, Research Vice President at Gartner, many of these worries are unsubstantiated. “CIOs must change their line of questioning from “Is the cloud secure?” to “Am I using the cloud securely?” says Heiser. To get there, organizations must develop a comprehensive cloud strategy that every member of the leadership team agrees on, taking into consideration different cloud models (which have different risk and control ramifications). A network vulnerability assessment, performed by an unbiased third-party, can also open the door to new ideas about security.


Almost 90% of data breaches and/or cyberattacks are caused by human error or behavior.

Unfortunately, one of the biggest threats to an organization is its own employees. Phishing scam emails represent 34% of data breaches; network intrusion, such as clicking a link that’s loaded with ransomware, is another 19%; inadvertent disclosure is attributed to 17%; stolen or lost devices accounts for 11% (70 million smartphones are lost every year, and a laptop is stolen every 53 seconds); finally, system misconfiguration is to blame for 6%. These frightening statistics mean that in addition to looking for weaknesses in their technology defenses, organizations also need to look into their people-management protocols, including rigorous employee education, adopting multi-factor authentication, restricting user access, adjusting BYOD (Bring Your Own Device) policies, using security software, and installing encryption software.


Only 12% of global IT organizations understand how GDPR will affect their cloud services.

Europe’s GDPR, or Government Data Protection Regulation, is set to make an impact in 2019. GDPR is a very complex set of rules and regulations that dictates how data is stored, processed, shared, and managed; it also addresses security and what companies must do in the event of a breach. Failure to understand and abide by the GDPR can result in hefty fines, and companies doing business internationally need to fully grasp the situation, making cybersecurity and compliance a top priority.

We’ve got 12 months to go—where will the year take you? Whether you’re considering a move to the cloud, or making a switch to a new provider, DSM can help you achieve predictability in the cloud, in the areas where it matters most: Security, Support, Service, Price, Contracts, and Compliance. In our latest free whitepaper, 6 Tips to Achieving Cloud Predictability, we’ll show you how working with a reputable and reliable cloud provider can ensure you don’t become part of any frightening end-of-year statistics in 2019.

6 Tips to Achieving Cloud Predictability

Related posts