Last month, we witnessed Obama signing an executive order on cyber security, vowing to strengthen the nation's critical infrastructure through cross-sector information-sharing and framework. While increasing the amount of IT infrastructure moves to the cloud, it is the right time to reflect on addressing security concerns in the cloud.

Though security is one of the top concerns in the punch bag list in most of the enterprises, majority of the companies are not safe using the cloud services. A GAO report based on the views of CIOs at 22 major U.S. agencies, listed several security concerns: vendors using ineffective security practices, agencies not able to examine the security controls of vendors, cyber criminals targeting data-rich clouds, and agencies losing access to their data if the relationship with a vendor ends. Moreover, highly regulated industries such as banking, insurance, and healthcare face potential security threats owing to breaches and compliance.

Studies indicate that some merchants and businesses that manage or store credit card numbers and other sensitive information do not use data encryption software. But awareness towards security breaches and compliance issues is on a rise and more and more companies are now looking towards cloud information protection. So as cloud technologies mature, cloud providers will need to address this concern so that customers who utilize cloud infrastructure can gain visibility into their security postures within the cloud.

So going forward, Obama's new law would incorporate and address private sector concerns while at the same time providing information sharing and collaboration between government and private sector which will provide additional security to critical infrastructure such as banking, industry, telecom and utilities sectors. What enterprises need to focus on is, while making the switch to cloud computing, organizations should search for cloud providers that use high-end firewalls and intrusion detection systems and which undertake regular independent security tests of their environments. This would help us in maximizing the cloud computing market, which is expected to grow to $206.6 billion by 2016.

However neither the CIOs nor the enterprise IT entrepreneurs have taken these issues relatively seriously and need to be more serious about it. It is sad that, "The most important things that one's working on are not necessarily the most important things that one thinks one's working on." And Obama’s new law calls for it to reflect.