About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

Infographic: Security and the Cloud 2012

After spending days and weeks poring over the results of the CloudPassage 2012 Security and the Cloud survey, we have finally released the most interesting findings in an easy to reference infographic. With over 200 respondents across 50 unique industries, this was our most successful and engaging survey to date.

It should be of no surprise to anyone involved in IT or security operations and architecture that companies have big plans for public cloud. What may surprise you, however, is how quickly organizations plan to embrace public cloud for critical application deployment by this time next year. Based on the results of our survey, 4 out of 5 respondents claim to be using public cloud servers within their organization for a variety of critical business functions such as temporary workload, big data, hosting of e-commerce applications, media, internal development and testing and the deploying of both internal and external applications.

We also noticed that some concerns about public cloud security are beginning to fade. The multi-tenancy of infrastructure or applications, provider access to guest servers, and the lack of perimeter defenses or network controls have all significantly decreased since our 2011 survey.

Though concerns about security and compliance (or the perceived lack thereof) in addition to the loss of control remain high, concerns about technology maturity, deployment complexity, cost, and expertise required fall on the low side of the concern spectrum.

Perhaps the most reassuring result from the survey is that nearly 80% of respondents understand where the demarcation between end user and service provider security responsibility lies.

Without any further ado, please enjoy the infographic below that helps communicate the highlights of our findings. If you would like to talk to us about our methodology or findings, please reach out to Jennefer Traeger at press@cloudpassage.com to schedule a briefing.

Security and the Cloud 2012 Infographic

Andrew Hay