A new report reveals that while many security professionals admitted to leveraging high-risk practices and behaviors in their cloud environments, they remain confident that their security tools and processes will protect their organizations against well-orchestrated attacks. That high confidence level persists even among organizations that have already experienced unauthorized access or a data breach in their environment. 

Permiso recently released the 2023 Cloud Detection and Response Survey which polled more than 500 security, IT and engineering professionals to understand how their organizations address security challenges within their cloud environments. The survey assessed both the respondents cloud security practices and the scale of their environment, including the number of identities and secrets they manage, response time to an attack, the different methods of access into their environment and the types of solutions they utilize to help secure their environments. It also assessed their confidence level in the ability for their tools and teams to both defend against or detect a breach in their environment.

Permiso compared its findings to related industry benchmarks such as Verizon’s 2022 Data Breach Investigations Report, research from several leading security experts, and production data from tens of thousands of cloud environments and cloud incident responses from Palo Alto Networks and Google/Mandiant, respectively.

Key report highlights

• 50% of respondents reported a data breach due to unauthorized access to their cloud environment.
• 95% expressed concern that their current tools and teams may be unable to detect and respond to a security event in their cloud environment. 
• 55% described their level of concern as “extremely concerned” and “very concerned.”
• Despite high-risk practices and widespread concern over a breach in their cloud environment, more than 80% of respondents feel that their existing tooling and configuration would sufficiently cover their organization from a well-orchestrated attack on their cloud environment.

More identities to manage

The survey found that managing identities across on-premise and cloud environments is a growing challenge for many enterprises. More than 80% of respondents manage at least 1,000 identities across their cloud environment. Roughly 44% manage at least 5,000 identities across on-premise and cloud environments. 

Many organizations manage a large number of identities across cloud authentication boundaries in federated environments. This management, especially when actions involve shared credentials and roles, makes it challenging to identify change attribution. While 25% of the respondents use federation to access their cloud environment, only a little more than half of them have full visibility into the access activity of those federated users.