Diving brief:
Cloud security is a top priority for organizations around the world. Thales found in a study released Tuesday. The report is based on a survey of 3,000 IT and security professionals from 18 different countries.
More than 2 in 5 respondents said they had experienced a breach in their cloud environments in the past, with 14% of respondents reporting a breach in the past year.
Nearly a third of incidents were blamed on human error and misconfiguration. Respondents also cited exploitation of known vulnerabilities in 28% of breaches and failure to use multi-factor authentication in 17%.
Insight Diving:
Thales' research comes at a time when cloud security is under intense scrutiny.
major cloud service providers, Such as Microsoft and othershas been targeted by sophisticated threat groups that target companies, government agencies, and other organizations that store data in the cloud.
A wave of attacks has affected at least 100 Snowflake client environmentswith those incidents associated with failure to use the MFA method.
“The cloud is not inherently more secure than the primary cloud,” Todd Moore, vice president of data security products at Thales, said via email. “Security is entirely determined by the measures taken to identify and protect data within the cloud, and this responsibility lies with service providers and users.”
As cloud adoption becomes more widespread, companies are finding that the attack surface – and the complexity of the network environment – is becoming more complex.
App creep is partly to blame. The Thales study found that two-thirds of organizations say they use 25 or more SaaS applications. Nearly half of the data in the cloud is considered sensitive.
Despite the high level of sensitivity, only 10% of organizations say they have encrypted 80% of their data.
