19 Apr 2021

Overcoming security and compliance barricades during digital transformation

Ross Woodham, General Counsel and Chief Privacy Officer, Aptum discusses creating a strategic security approach

Accelerated investment in the cloud became a necessity to support businesses’ immediate needs for remote working, and business resiliency throughout the pandemic. This critical transition emphasised cloud’s impact on businesses’ ability to scale, securely build and deploy pipelines, and respond quickly to changing customer demands.

According to Gartner, growth in the cloud market is expected to increase exponentially until 2024 due to businesses rapidly accelerating their digital transformation plans. As IT leaders assess their short and long-term goals about which workloads are best suited to public or private clouds, organisations are increasingly taking a hybridised approach to their cloud set up.

Aptum’s Cloud Impact Study reaffirmed this, revealing many organisations plan to take a hybridised approach to their cloud infrastructure, with more than half (59%) of respondents saying they will reduce their on-premises infrastructure to some degree and increase public cloud deployments within the next 18-24 months. A further 66% intend to expand their private cloud workloads. The shift is explained by the need to offer more flexible working options, strengthen business continuity plans and bolster agility.

Uptake in both private and public cloud allows organisations to take advantage of the security features associated with both infrastructures too. Fifty-one per cent of senior IT decision makers cited security as a key driver behind a migration to the cloud, specifically to reduce the potential of data breaches and human error that can come with traditional on-premises solutions.

Improving security with cloud

User data is safer in cloud infrastructures than in on-premise environments. This claim has been validated by 91 percent of respondents from the Aptum study reporting a high degree of success in improving their security when migrating to the cloud. An impressive 42 percent see complete success.

Most companies now understand the security benefits of cloud computing and the opportunities it offers in terms of securing a remote workforce, especially during the pandemic. In fact, 51 percent of all survey respondents listed security as a business driver for their investment in cloud services.

IT security teams are now responsible for protecting a scattered workforce, adding to the complications of securing multi-cloud environments in a time where there is also scrutinised budget and resources alongside an increasing number of malicious cyberattacks. A recent McAfee report found a 630% increase in attacks aimed at cloud services since January of 2020. Despite the increased security in hybrid cloud environments that companies are seeing, there are also a range of challenges to overcome.

Cloud security challenges

The top three challenges that respondents in the Aptum Cloud Impact Study cited as barriers to security, governance and compliance are commonly associated with the management, or mismanagement, of infrastructures:

  • 85 percent of respondents cite a lack of a clear mechanism to detect and respond to threats across all cloud environments.
  • 82 percent of respondents cite access management to multiple cloud environments.
  • 81 percent of respondents cite a lack of visibility into all cloud environments through a single portal.

Organisations migrating to hybrid-cloud solutions can manage these complexities and achieve better security levels than they could in their server rooms by embedding security at the beginning of digital transformation. Security must run through initial conception, deployment, and ongoing operation in any cloud migration project. Companies must also continually revisit security principles as their hybrid cloud infrastructure shifts and grows.

For companies to be truly effective in their cloud security solutions, they must have total visibility across the organisation’s entire IT infrastructure to be able to identify, prioritise and respond to any threat that may arise.

A strategic security approach

Companies that don't monitor and control operations in the cloud risk one of the biggest security dangers: configuration drift. This is where new resources and configurations move operations away from what the policy demands, creating vulnerabilities and compliance violations. IT environments are malleable and always evolving, which is why any deployment must adhere to detailed security protocols that comply with industry and privacy regulations.

The answer lies in a strategic approach to security as part of a cloud transformation initiative. Security should be a priority at all stages of the cloud transformation process, from initial concept through to design, implementation, and ongoing operation.

A cloud environment is only as secure as the policies and controls an organisation has in place, which is why organisations need to build security into the foundation of any cloud strategy. A long-term partnership with an experienced cloud service provider enables organisations to get their cloud transformation right from the outset by highlighting and handling the questions that they might not have thought to ask. Investing that time and attention now will help build a reliable and secure platform for tomorrow's digital transformation.

Rory Daniels

Rory Daniels

Senior Programme Manager, Emerging Technologies

Rory joined techUK in June 2023 after three years in the Civil Service on its Fast Stream leadership development programme.

During this time, Rory worked on the Government's response to Covid-19 (NHS Test & Trace), school funding strategy (Department for Education) and international climate and nature policy (Cabinet Office). He also tackled the social care crisis whilst on secondment to techUK's Health and Social Care programme in 2022.

Before this, Rory worked in the House of Commons and House of Lords alongside completing degrees in Political Economy and Global Politics.

Today, Rory leads techUK's emerging technologies activity across everything from immersive, web3, AI and robotics to space, gaming & metaverse.

This involves co-running techUK's flagship Innovation campaign, managing four series (including the 'Meet the Innovators' interview series), and launching 4-6-month 'sprint campaigns' on transformative technologies and sectors.

Email:
[email protected]
LinkedIn:
https://www.linkedin.com/in/rorydaniels28/

Read lessmore

Tess Buckley

Tess Buckley

Programme Manager - Digital Ethics and AI Safety, techUK

A digital ethicist and musician, Tess holds a MA in AI and Philosophy, specialising in ableism in biotechnologies. Their professional journey includes working as an AI Ethics Analyst with a dataset on corporate digital responsibility, followed by supporting the development of a specialised model for sustainability disclosure requests. Currently at techUK as programme manager in digital ethics and AI safety, Tess focuses on demystifying and operationalising ethics through assurance mechanisms and standards. Their primary research interests encompass AI music systems, AI fluency, and technology created by and for differently abled individuals. Their overarching goal is to apply philosophical principles to make emerging technologies both explainable and ethical.

Outside of work Tess enjoys kickboxing, ballet, crochet and jazz music. 

Email:
[email protected]
Website:
tessbuckley.me
LinkedIn:
https://www.linkedin.com/in/tesssbuckley/

Read lessmore

Laura Foster

Laura Foster

Associate Director - Technology and Innovation, techUK

Laura is techUK’s Associate Director for Technology and Innovation.

She supports the application and expansion of emerging technologies, including Quantum Computing, High-Performance Computing, AR/VR/XR and Edge technologies, across the UK. As part of this, she works alongside techUK members and UK Government to champion long-term and sustainable innovation policy that will ensure the UK is a pioneer in science and technology

Before joining techUK, Laura worked internationally as a conference researcher and producer covering enterprise adoption of emerging technologies. This included being part of the strategic team at London Tech Week.

Laura has a degree in History (BA Hons) from Durham University, focussing on regional social history. Outside of work she loves reading, travelling and supporting rugby team St. Helens, where she is from.

Email:
[email protected]
LinkedIn:
www.linkedin.com/in/lauraalicefoster

Read lessmore

Sue Daley OBE

Sue Daley OBE

Director, Technology and Innovation

Sue leads techUK's Technology and Innovation work. 

This includes work programmes on cloud, data protection, data analytics, AI, digital ethics, Digital Identity and Internet of Things as well as emerging and transformative technologies and innovation policy. 

In 2025, Sue was honoured with an Order of the British Empire (OBE) for services to the Technology Industry in the New Year Honours List. 

She has been recognised as one of the most influential people in UK tech by Computer Weekly's UKtech50 Longlist and in 2021 was inducted into the Computer Weekly Most Influential Women in UK Tech Hall of Fame. 

A key influencer in driving forward the data agenda in the UK, Sue was co-chair of the UK government's National Data Strategy Forum until July 2024. As well as being recognised in the UK's Big Data 100 and the Global Top 100 Data Visionaries for 2020 Sue has also been shortlisted for the Milton Keynes Women Leaders Awards and was a judge for the Loebner Prize in AI. In addition to being a regular industry speaker on issues including AI ethics, data protection and cyber security, Sue was recently a judge for the UK Tech 50 and is a regular judge of the annual UK Cloud Awards.

Prior to joining techUK in January 2015 Sue was responsible for Symantec's Government Relations in the UK and Ireland. She has spoken at events including the UK-China Internet Forum in Beijing, UN IGF and European RSA on issues ranging from data usage and privacy, cloud computing and online child safety. Before joining Symantec, Sue was senior policy advisor at the Confederation of British Industry (CBI). Sue has an BA degree on History and American Studies from Leeds University and a Masters Degree on International Relations and Diplomacy from the University of Birmingham. Sue is a keen sportswoman and in 2016 achieved a lifelong ambition to swim the English Channel. 

Email:
[email protected]
Phone:
020 7331 2055
Twitter:
@ChannelSwimSue,@ChannelSwimSue

Read lessmore

Elis Thomas

Elis Thomas

Programme Manager, Tech and Innovation, techUK

Elis joined techUK in December 2023 as a Programme Manager for Tech and Innovation, focusing on Semiconductors and Digital ID.

He previously worked at an advocacy group for tech startups, with a regional focus on Wales. This involved policy research on innovation, skills and access to finance.

Elis has a Degree in History, and a Masters in Politics and International Relations from the University of Winchester, with a focus on the digitalisation and gamification of armed conflicts.

Email:
[email protected]
Website:
www.techuk.org/
LinkedIn:
https://www.linkedin.com/in/elis-thomas-49a1aa1a1/

Read lessmore

Usman Ikhlaq

Usman Ikhlaq

Programme Manager - Artificial Intelligence, techUK

Usman joined techUK in January 2024 as Programme Manager for Artificial Intelligence.

His role is to help techUK members of all sizes and across all sectors to adopt AI at scale. This includes identifying the barriers to adoption, considering solutions and how best to maximise AI's potential.

Prior to joining techUK, Usman worked as a policy, government affairs and public affairs professional in the advertising sector. He has also worked in sales and marketing and FinTech.

Usman is a graduate of the London School of Economics and Political Science (MSc), BPP Law School (GDL and LLB) and Queen Mary University of London (BA). 

When he isn’t working, Usman enjoys spending time with his family and friends. He also has a keen interest in running, reading and travelling.

Email:
[email protected]
LinkedIn:
https://uk.linkedin.com/in/usman-ikhlaq,https://uk.linkedin.com/in/usman-ikhlaq

Read lessmore

Harriet Allen

Harriet Allen

Programme Assistant, Technology and Innovation, techUK

 

Related topics