A new eight-nation APAC study conducted by Boston Consulting Group (BCG) shows that spending on the public cloud and related services is growing, yet organizations aren’t confident about the security of cloud infrastructure and are holding back. The study titled “Businesses in Asia-Pacific Can Find Resilience and Growth in the Cloud,” showed that APAC cloud spending is growing at a compound annual rate of 25%. This is much faster than similar growth across the U.S. and Western Europe and points to the region’s readiness to invest in cloud initiatives that are accelerating the pace of innovation, growth, and customer engagement. The study notes that capturing the full potential of the cloud may help companies successfully navigate through the current and post-COVID-19 environment. Remote working is accelerating cloud adoption, but companies need to evaluate their security posture for remote environments.
The April 2020 BCG study was developed in collaboration with Amazon Web Services (AWS) and covers Australia, India, Indonesia, Malaysia, the Philippines, Singapore, Thailand, and Vietnam. It shows that companies in these countries are dedicating an average of roughly 5% of their IT budgets to cloud expenditures, a figure that is expected to double by 2023. The study finds that growth in the public cloud could have a positive economic impact of more than $450 billion across the region. It highlights the case of Australian Airways, which saved $40 million per year in fuel costs by using cloud-based analytics to improve thousands of flight routes.
Luc Grimond, a Managing Director at BCG, said, “We’re seeing in the current COVID-19 crisis that more companies are shifting workers to virtual environments and employing end-user computing, using the cloud to quickly roll out essential collaboration tools. Cloud investments will have longer-term benefits as well, such as risk reduction, the ability to provide new and better services to business stakeholders, and improved personalization of product and service offerings.”
Despite the growth in cloud spending, several organizations are slow to move to cloud or are holding back due to security concerns.
Security awareness has also created uncertainty. In some countries, organizations are still awaiting the completion of regulatory assessments governing data privacy and security protection. Companies may also be unaware of the security capabilities offered by their cloud providers. As a result of cybersecurity concerns, approximately 45% of respondents said that they do not host specific data on the public cloud.
Rethink cybersecurity for the cloud. Many nascent businesses still rely on conventional security controls to manage their cloud environments, but these do not provide the necessary safeguards. Mapping out rules and requirements ahead of time is crucial. One executive at a Singaporean financial institution said, “People are biased toward hardware security because it is tangible. We need to assure people that even if the cloud-based hardware is not under their control, it is more secure than the same hardware on premise.”
Remote working is accelerating cloud adoption
With more employees working remotely, companies have moved aggressively to establish virtual work environments. The pressure to move quickly, however, means many businesses are deploying tools that lack adequate data management protection or that are not adapted to existing security processes. As a result, businesses may be exposed to massive security vulnerabilities. Since the COVID-19 pandemic began, for example, the number of cyberattacks on companies globally has risen exponentially as malicious actors introduced new attack vectors, such as the “Co-VID-19” phishing scam. Companies need to review their existing data protection model and security controls to enable fast adoption of cloud-based systems. Accelerating the shift to the cloud would allow businesses to provide remote environments that maintain appropriate data security.
Many advanced cyber solutions exist to help organizations boost their security posture. For example, an Australian bank deployed a fully managed intelligent threat detection service that continuously monitors account activity for malicious or unauthorized behavior to help protect cloud workloads and safeguard customer data.
Many cloud providers also embed sophisticated security protections, such as automated security controls and access provisioning, into their offerings. A financial underwriting company in India found that the cloud security offered by its public-cloud operator included several audit-friendly features that could help the company meet a number of payment, security, and technical compliance standards.