Report: NSA Snooping Could Cost US Cloud Companies Billions – a CipherCloud Perspective

A report issued yesterday by the Information Technology & Innovation Foundation (ITIF) provides a speculative estimate that the recent NSA / PRISM revelations could potentially cost the US Cloud market $21-$35 billion over the next 3 years.  While the report acknowledges that “the data are still thin” and “this is a developing story and perceptions will likely evolve” – it does raise significant issues and second-guessing around the current wave of cloud adoption.

Storm clouds 2

While a few dominant US cloud providers may see some losses to (currently non-existent) overseas competitors, the issue is much broader than cloud vendor profits. The rapid growth in corporate cloud adoption is driven by basic economics – the cloud is dramatically less expensive, more efficient, and offers powerful new capabilities that most organizations can’t replicate in-house. This is reflected by a massive reduction in enterprise owned and managed data centers with many companies moving away from running their own “utilities” and off-loading everything possible to infrastructure-as-a-service providers like Amazon Web Services, or application platforms like Salesforce.

So the broader question is – if the NSA revelations cause a significant pull-back from the cloud, how much will this cost enterprises in terms of lost savings? It’s impossible to calculate, but arguably many times larger than the roughly $30 billion estimated by the ITIF.  $100 billion? $300 billion?  Sure, why not… multiple a WAG by a big number and you get a huge number…

But before we get carried away with doomsday estimates, let’s take a deep breath. The cloud isn’t going away. The most nimble companies have embraced the cloud, making them more competitive than companies stuck with expensive, legacy on-premise systems. The late adopters will find it increasingly hard to compete in a cloud-driven economy.

That’s not to say that concerns over security, snooping, hacking, and aggressive big data marketing aren’t valid. Security and privacy issues continue to be the biggest concern and inhibitors to broader cloud adoption.

Understandably, many governments outside the US are pushing for stronger laws and greater assurance that private data will not leave their borders. For example, the French government has made significant investments in building local cloud capabilities. While politically popular, these initiatives seem like a step backwards. Businesses are increasingly global, and data needs to flow across borders. Assuring that data never leaves a specific country seems like a recipe for being isolated and less competitive.

Encryption graphic

The current frenzy over the NSA-PRISM-XKeyscore-Snowden-WikiLeaks obscures a basic fact, well understood by most IT security practitioners. The Cloud lacks security. And the scale of government snooping, hackers hacking, and advertisers tracking every click and purchase you make are all bound to grow. You can stop using the cloud, stop doing business with outsiders, and move to a small windowless cabin in the wilderness. Or – you can find effective ways to protect sensitive data, regardless of where it goes. Encrypting your data, while maintaining exclusive control over the keys can let you realize the benefits of the cloud – and eliminate the worry of who is looking over your shoulder.

Join over 5,000 subscribers - best practices and tips delivered weekly to your inbox.
We respect your privacy. Your email address will never be sold or shared with anyone else.
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *