Proofpoint, Inc. and Ponemon Institute released the results of a new study on “The Cost of Cloud Compromise and Shadow IT.” The average cost of cloud account compromises reached $6.2 million over a 12-month period, according to over 600 IT and IT security professionals in the U.S. In addition, 68% of these survey respondents believe cloud account takeovers present a significant security risk to their organizations, with more than half indicating the frequency and severity of cloud account compromises have increased over the last 12 months.
Douglas Murray, CEO at Valtix, says, "Clearly, the vast majority of organizations are at some stage of cloud migration and security is top of mind. And with 68% of participants in this survey pursuing a multi-cloud strategy, security can be a huge challenge. Each cloud infrastructure provider has unique security controls and architectures that one must understand. Organizations need to look for cloud-first models of security or the risk is high that the cost and frequency of cloud data breaches will continue to rise."
Only 44% of survey respondents believe their organizations have established clearly defined roles and accountability for safeguarding confidential or sensitive information in the cloud. Risks are also magnified as fewer than 40% of respondents say their organizations are vigilant in conducting cloud app assessments before deployment.
Tim Bach, Vice President of Engineering at AppOmni, explains, "One of the most notable impacts of the pandemic was the acceleration of migrations to cloud services that were already planned or underway. Almost overnight, shifts that may otherwise have been executed over the course of multiple quarters were put into effect, pushing more business processes, workloads, and sensitive data into cloud services."
Bach adds, "The accelerated migration to the cloud means that security team workloads are as high as they’ve ever been. My recommendation to security leaders is to identify posture management tooling that can be deployed to augment manual efforts and continuously monitor entitlements in SaaS. Prioritize tooling that can integrate with existing security stacks (Splunk, Sumo, etc.) so that teams don’t need to create new workflows and commitments to support newly critical SaaS deployments. Utilizing newly-available automated solutions can free up your team to focus on the strategic shift to the cloud rather than needing to manually track every user and connected application."
Additional key survey findings include:
- Cloud account compromises are costly incidents and present a significant security risk. According to 86% of respondents, the annual cost of cloud account compromises is over $500,000. Survey respondents also reported 64 cloud account compromises per year on average, with 30% exposing sensitive data. Nearly 60 percent of respondents indicated Microsoft 365 and Google Workspace accounts are heavily targeted by brute force and phishing-based cloud attacks. Overall, over 50% of respondents say phishing is the most frequent method attackers use to acquire legitimate cloud credentials.
- Shadow IT is creating substantial risks for organizations. Seventy-five percent of respondents say the use of cloud apps and services without the approval of IT is a serious security risk. Additional practices also increased risk, including the move to the cloud and mobile workforce (72 percent) and cloud-based collaboration/messaging tools for sharing sensitive or confidential files (70%).
- Strong authentication and adaptive access controls are essential in securing admission to cloud resources. Over 70% of respondents supported multiple identity federation standards, including SAML, and controlling strong authentication prior to accessing data and applications in the cloud. Sixty-one percent agreed adaptive access controls to protect users most at risk are essential.
Heather Paunet, Senior Vice President at Untangle, notes, "As more and more companies adopt some degree of cloud security, there remains a host of issues surrounding protecting businesses against threats to cloud security. Data breaches, lack of visibility, poorly constructed APIs and insufficient credential/password management remain common threat concerns for organizations."
Paunet adds, "While the cloud can provide numerous advantages, recent breaches have made some organizations take pause and slow down the pace of migrating to the cloud. The solution, however, isn’t buying the most expensive enterprise package with all the bells and whistles, including tools that will never be used. There are easy, cost-effective steps companies can take to ensure their data is secure in the cloud."
To download The Cost of Cloud Compromise and Shadow IT, please visit: https://www.proofpoint.com/us/resources/analyst-reports/cost-of-cloud-compromise-and-shadow-it. For more information on Proofpoint Cloud App Security Broker (Proofpoint CASB), please visit: https://www.proofpoint.com/us/products/cloud-security/cloud-app-security-broker