Some are struggling with internal teams in their efforts to respond to cloud security incidents.
IT professionals are unhappy with their cloud providers due to the lack of visibility into cloud deployments and associated security practices.
According to the report, "Orchestrating Security in the Cloud" sponsored by CloudPassage, 48% of respondents are unhappy about the lack of visibility, while 46% found that a lack of virtual machine and workload visibility was a major pain point.
This was followed by provider-introduced vulnerabilities which 26% of the respondents claimed was a problem.
However, 40% of the respondents claimed that they stored sensitive data in the cloud, with 40% stating that unauthorised access of data by tenants concerned them with public cloud deployments.
Nearly 33% said that a lack of transparency with their public cloud providers’ operations is a reason for their concerns.
Malware was the top private-cloud attack vector with 33% of organisations claiming that Malware caused breaches in the cloud, while 36% claimed Denial-of-Service (DoS) as the top attack vector in the public cloud.
The survey also found that nearly 40% of the respondents used hybrid cloud architectures, with 43% planning to move to hybrid cloud architectures.
Around 38% of the respondents used private cloud implementations and only 12% of respondents indicated that their organisations use public cloud implementations.
CloudPassage CMO Mitch Bishop said: "The results this SANS Institute research reinforce what high-level security execs told us recently during a key cloud adoption driver survey with CSO Magazine.
"When it comes to elastic infrastructure, everyone in the organization wants to increase speed while still being able to maintain security.
"Visibility, enforcement and compliance that is on-demand, deploys in minutes, fully automates a majority of security controls, and works anywhere – data centres, private clouds and public clouds – is becoming essential."