/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow Us/ciol/media/post_banners/wp-content/uploads/2019/07/Symantecs-Cloud-Security-Threat-Report.jpg)
For years, the cloud has been changing the way enterprises work. But we’re now at where the cloud doesn’t merely help the business. Today, the cloud is the business. Put simply, it’s the way we get things done.
That transformation has helped enterprises. But it also brings with it a serious set of cyber security challenges, including a lack of visibility into corporate infrastructure, the difficulty of protecting complex, heterogeneous IT environments, and a growing number of attack surfaces.
Cloud-Related Dangers
For the Cloud Security Threat Report, Symantec surveyed 1,250 security decision makers worldwide to understand the shifting cloud security landscape, the scope of shadow IT and shadow data usage, and to gauge the maturity of security practices as enterprises transition to the cloud.
We found that the complexity in the way the cloud is used creates serious visibility problems for IT. Tracking these cloud workloads is a universally recognized problem. Ninety-three per cent of survey respondents report they have issues keeping tabs on all their cloud workloads. And the problem will continue to grow rapidly.
Most IT and SecOps organizations are underestimating the amount of cloud in use and it’s growth rate. According to the survey, the average organization believes its employees are using 452 cloud apps. However, according to Symantec’s own data, the actual number of shadow IT apps in use per organization is nearly four times higher, 1,807. The survey found cloud app deployment increased 16 per cent over the past 12 months and is expected to surge 22 per cent in the next year. Given the significant underestimation of apps in use coupled with the rapid growth rate, organizations are facing a mounting challenge to secure their migration to the cloud.
/ciol/media/post_attachments/a367948dbf3ce208719669f3f36b1ef28643789961c5a176ea4e9ccdda647549.png)
Apps aren’t the only problem. The cloud makes it easy for enterprises to lose control of their data. Oversharing cloud files containing sensitive and compliance-related data was cited as a problem by 93 per cent of respondents. Additionally, according to the survey, respondents are underestimating the risks associated with compromised accounts by a factor of 8.
The survey also found companies aren’t able to adapt their security to their increasing cloud use. More than half of respondents (54 per cent) say their organization’s cloud security hasn’t been able to keep up with the expansion of their use of new cloud apps.
Because of organizations’ immaturity in cloud security, enterprises often underestimate the scale and complexity of cloud attacks. The survey found DDOS attacks and cloud malware injections are the three most commonly investigated cloud security incidents. And while they struggle with stopping data breaches, internal Symantec data also indicates that unauthorized access threats account for the bulk of such incidents (64 per cent.) That shows that organizations’ security culture and behavior are struggling to keep pace with the shift to the cloud. Indeed, Symantec internal data shows that 85 per cent of companies are not using the best cloud security practices as outlined by the Center for Internet Security.
What to Do Next
The cloud is the center of IT and increasingly, the foundation for cyber security. Understanding how threat vectors are shifting in the cloud is fundamental to making the necessary updates to your security program and strategy. Symantec’s Cloud Security Threat Report shines a light on how to secure the digitally transformed, virtual organization of today and tomorrow.