Cloud Security,
Finance & Banking,
Industry Specific
Report: Financial Organizations Turn to Multi-Cloud Strategies Amid Cyber Threats and Regulatory Pressures
A recent report reveals that financial institutions are increasingly moving towards multi-vendor cloud strategies to mitigate reliance on single providers, a response to rising cyber threats and complex regulatory frameworks. This shift aims to bolster organizational resilience while addressing these challenges, according to the Cloud Security Alliance.
The report highlights that a multi-cloud approach not only enhances operational flexibility but also strengthens disaster recovery efforts and ensures business continuity for financial organizations. The sector’s unique resilience requirements have prompted this transition, as recent findings from the Cloud Security Alliance emphasize that financial institutions are adopting cloud technologies with caution, mainly to navigate burgeoning regulatory hurdles ahead of new rules set to take effect in 2025.
As pointed out by Troy Leach, Chief Strategy Officer at the Cloud Security Alliance, the increasing reliance on third-party cloud services necessitates robust data protection measures in response to escalating cyber threats to supply chains. Leach emphasized the importance for security and governance professionals to proactively understand and prepare for evolving regulatory landscapes and technological complexities.
Despite the advantages of multi-cloud strategies, the report notes that a significant portion of financial institutions still favors single-cloud environments due to their ease of management and cost benefits. However, the trend towards multi-cloud solutions is gaining momentum, largely driven by a desire to enhance resilience. The survey uncovered that misconfigurations and vulnerabilities in serverless and container workloads are viewed as prominent concerns, with over twenty percent of respondents classifying true multi-cloud implementations as expensive and challenging to deploy.
Data privacy and integrity are of paramount concern for financial institutions as they venture into generative artificial intelligence technologies. The survey revealed a greater degree of anxiety among financial institutions regarding AI’s potential misuse for cyberattacks compared to their non-financial counterparts.
In recent years, the financial services sector has accelerated AI adoption to streamline operations, enhance efficiency and accuracy. However, the Financial Stability Oversight Council raised alarms in its 2023 annual report about the risks introduced by rapid AI deployments, which could pose significant cybersecurity and model risks, ultimately threatening financial stability. The report cautioned that the convincing yet flawed outputs from generative AI necessitate specialized expertise for effective assessment (see: US Regulators Warn of AI Risk to Financial Systems).
With half of the security practitioners surveyed citing insufficient talent as the greatest risk over the next two years, a critical skills gap looms in the financial sector. Other leading concerns include inadequate cloud security strategies and poor management of privileged account access.
The Cloud Security Alliance indicates that financial institutions require a highly skilled workforce to manage complex security infrastructures and respond to emerging threats. The report advocates for investments in continuous training programs aimed at enhancing the skills of existing personnel, as well as strategies for attracting and recruiting cybersecurity experts and IT professionals proficient in specialized areas to strengthen the overall security posture of these organizations.
