decision makers will have fewer cloud vendors to choose from -- and potentially face higher prices.
Still, it's difficult to gauge how long the threat to the cloud hosting market may last. For example, 51% of respondents in our survey are still hosting data in the US, making the US the most popular host country outside their own countries. Part of the reason for this may be that people simply don't have other options. If they have a large customer base in the US, there's probably not a reasonable substitute for a US-based datacenter or hosting provider. But this may change as infrastructure in Canada, Mexico, and Brazil becomes more robust, generating cloud alternatives in the Americas that could threaten the US's position as the de facto choice for hosting.
Additionally, the US government is taking steps to scale back its surveillance activity, which could alleviate the fears of non-US cloud buyers who are still on the fence. But while President Obama has announced new restrictions on the NSA's phone-data collecting programs, it's unclear if this means change on a grander scale is coming, or if it's just a short-term fire drill to help bide time.
Has trust in the cloud (or in the Internet, for that matter) been permanently damaged? Likely not. Companies aren't abandoning the Internet or completely upending their business models, but there will be some fundamental changes in how they go about conducting certain business operations online -- for example, with choosing where and how to host their sensitive data in the cloud.
There is definitely hope for the US cloud industry if both government agencies and service providers strive to be more open, honest, and fair about where company data is located and how it's being used. Plus, privacy laws are still a mystery to many: 60% of UK and Canadian businesses agree they don't know as much as they should about data laws, and 44% feel that privacy and security laws still confuse them. This knowledge gap gives service providers an opportunity, not only to lead the discussion around data privacy, but also to educate their customers on what it means for their businesses.
Only time will tell if history remembers Snowden as a hero or a villain, and it will likely be a mix of both. Regardless, the NSA revelations have provoked a discussion around data privacy that will ultimately help improve the hosting and cloud industries on a global scale. The new tensions that have sprung up around privacy and security, even among ordinary citizens, are sending a strong message to businesses on how they should think about their and their customers' data.
Businesses should realize how accountable they are in giving customers ownership and control of their data whenever possible, and they should acknowledge their responsibility to be transparent when data is potentially exposed to third parties. Meanwhile, IT decision makers at federal agencies can follow suit and place pressure on policy makers to scale back programs that are ultimately detrimental to the efficiency and cost-effectiveness of the government itself.
The NIST cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work? Read the Protecting Critical Infrastructure issue of InformationWeek Government today.