Four in five companies have had at least one serious cloud security incident in the past 12 months, a new report from Snyk has found, with data breaches, data leaks, and perimeter breaches all sadly increasingly common.
The attacks occur for a number of reasons: either because a company’s current security solutions don’t work properly, or have limited functionality in the cloud (opens in new tab) (78%), or the organizations don’t have an adequately educated and experienced workforce (93%).
Even cloud-native security solutions don’t help that much. In fact, almost half (41%) told Snyk they only “further complicate” things.
Poor collaboration
“The widespread adoption of cloud-native application development has enabled modern developers to move faster and increase outputs to meet the demands of today’s enterprise,” said Snyk’s Andrew Wright.
“However, new challenges and complexities have emerged as the overall attack surface has expanded and the clear delineation of security responsibilities has blurred.”
According to Wright, many of the problems businesses are seeing with cloud security today happen as a result of poor collaboration between different departments, as well as poor training that doesn’t help with the organization’s digital transformation. In fact, 77% of firms see this as a “major challenge”, he said.
“For instance, when different teams use different tools or policy frameworks, reconciling work across those teams and ensuring consistent enforcement can be challenging.”
This is not the first time researchers are warning about more pain coming from cloud breaches.
In early June, the 2022 Thales Cloud Security Report found almost half (45%) of businesses experienced a cloud-based data breach, or failed audit in the past 12 months, up 5% from 2021. What’s more, a third (32%) have had to notify the government, customers, partners, and employees, of a data breach.
The number of threats is also growing fast. A quarter (26%) have experienced an increase in malware attacks, and ransomware attacks, against their endpoints (opens in new tab), while a fifth (19%) spotted more phishing and whaling than a year ago.
Via: VentureBeat (opens in new tab)
