Nearly two-thirds (65.1%) of respondents said they currently have data resident in the public cloud (Amazon Web Services, Microsoft Azure, or Google Cloud Platform), according to a new Laminar survey.

The report, 2022 Security Professional Insight Survey conducted at AWS re:Inforce in July 2022 and Black Hat in August 2022, revealed gaps in organizations’ defenses that security teams will want to proactively address to reduce their risk of data exposure.

A total of 415 security professionals participated, representing both leadership and line roles. 

Public Cloud Data Security Adoption Lags Public Cloud Usage, Creating Gaps Attackers Can Exploit 

With public cloud adoption having a compound annual growth rate (CAGR) of nearly 26%, it’s surprising that respondents haven’t yet hardened data security for these assets. Less than half (40.3%) said that they had a public cloud data security tool in place to monitor for insider and outsider threats and data exfiltration. 

As a result, many organizations lack visibility into unauthorized public cloud data access. More than a third (38.3%) don’t know if they have had a third party successfully exfiltrate their public cloud data in the past six months, while nearly one in ten (9.6%) have experienced a recent exposure.

Similarly, more than a third (37.4%) can’t tell whether an internal employee has accidentally accessed sensitive data in the cloud. As a result of organizations’ lack of visibility, it’s likely that data exfiltration rates are much higher than reported. 

Public cloud usage is likely to grow as organizations continue to embrace hybrid work, accelerate digitization and seek to increase business agility and flexibility. That means more sensitive data will be placed in the public cloud.

Yet, organizations’ current security practices are ill-equipped to protect this vital information, creating an opening for both insiders and outsiders to exploit. 

“The acceleration of public cloud adoption and hybrid work model have unfortunately created blindspots for security teams,” said Amit Shaked, CEO and co-founder of Laminar.

Shaked suggests security teams can immediately improve visibility into who is accessing and using their data by deploying public cloud data security technology.