IBM Survey Finds Security, Compliance Concerns Major Barriers to Cloud Adoption

October 9, 2022  Jeff B. Copeland

IBM surveyed 3,000 IT and business professionals at large companies worldwide for the IBM Transformation Index: State of the Cloud report and found that cloud adoption is about half-way to maturity – with uncertainty about cloud security risks and regulatory compliance standing in the way of more progress.

77% of those surveyed use hybrid cloud services (though healthcare and travel/transportation were laggards from the norm), with 23% managing workloads in multiple environments.

Cloud Risk - IBM State of Cloud Report

The survey found high adoption (at 60%) of cloud security tools such as multi-factor authentication, single sign on, or zero trust. Yet 54% agreed that “The public cloud is not secure enough for much of our data,” with security and cloud compliance the top reasons for considering moving workloads off the public cloud. 53% said that “ensuring compliance in the cloud is too difficult.” 

RiskLens is the leader in cyber risk management with risk quantification. 

While 64% would like to integrate business ecosystem partners (customers, suppliers and external contributors), 49% said they were being held back by data integrity/confidentiality/governance concerns and 47% by concerns about cloud cybersecurity risks. 

32% cited security as the top barrier to integrating workloads across environments. The manufacturing, consumer, industrial products and financial services industries in particular identified security as the leading barrier to integrating workloads. 25% agreed that security concerns “present a roadblock to achieving their cloud business goals.” 

The security and business executives surveyed identified another barrier to progress: 69% say their teams lack skills to be proficient in architecting/managing cloud applications. 

Cloud adoption at an inflection point

The bottom line, as revealed by this survey: Cloud adoption is at an inflection point.


  • Are widely adopting cloud security tools yet lack confidence in them to reduce cloud security risks.
  • Don’t have a handle on their controls environment or their assets to confidently hit cloud compliance standards.
  • Lack the staff or automated processes to confidently manage their cloud implementations in an effective or secure way.   

“There is a lot of expectation about what cloud can do for business transformation, and some growing awareness about what it will take,” IBM says. “There is a still a way to go towards mastering hybrid cloud.”