Nearly three quarters (70 per cent) of organisations experienced a public cloud security incident in the last year – including ransomware and other malware (50 per cent), exposed data (29 per cent), compromised accounts (25 per cent) and crypto-jacking (17 per cent).
The latest State of Cloud Security annual survey from Sophos revealed that running multi-cloud environments are twice as likely to suffer a cloud security incident than those running a single cloud.
The research was conducted by Vanson Bourne among more than 3,500 IT managers across 26 countries in Europe, the Americas, Asia Pacific, the Middle East and Africa, which currently host data and workloads in the public cloud.
Europeans suffered the lowest percentage of security incidents in the cloud, an indicator that compliance with General Data Protection Regulation guidelines is helping to protect organisations from being compromised.
Accidental exposure continues to be a problem for companies, with misconfigurations exploited in 66 per cent of reported attacks.
Additionally, a third of organisations reported that cyber criminals gained access through stolen cloud provider account credentials. Despite this, only a quarter of those surveyed said that managing access to cloud accounts was a top area of concern.
Data from Sophos Cloud Optix, a cloud security posture management tool, showed that 91 per cent of accounts have overprivileged identity and access management roles, and 98 per cent have multi-factor authentication disabled on their cloud provider accounts.
Nearly all respondents (96 per cent) admitted to concerns about their current level of cloud security. Data leaks topped the list of security concerns for nearly half of respondents (44 per cent), with identifying and responding to security incidents coming a close second (41 per cent).
Chester Wisniewski, principal research scientist at Sophos, commented: “The recent increase in remote working provides extra motivation to disable cloud infrastructure that is being relied on more than ever, so it’s worrisome that many organisations still don’t understand their responsibility in securing cloud data and workloads.
"Cloud security is a shared responsibility, and organisations need to carefully manage and monitor cloud environments in order to stay one step ahead of determined attackers.”
Latest News
-
Beermaker Asahi restarts production in Japan following cyberattack
-
BT to roll out 5G standalone to 99% of UK by 2030
-
Firefly acquires SciTec in deal worth $855m
-
Asos launches immersive video shopping on app
-
ECB taps Portuguese start-up to build AI fraud shield for digital euro
-
Samsung partners with Coinbase for crypto services
The future-ready CFO: Driving strategic growth and innovation
This National Technology News webinar sponsored by Sage will explore how CFOs can leverage their unique blend of financial acumen, technological savvy, and strategic mindset to foster cross-functional collaboration and shape overall company direction. Attendees will gain insights into breaking down operational silos, aligning goals across departments like IT, operations, HR, and marketing, and utilising technology to enable real-time data sharing and visibility.
The corporate roadmap to payment excellence: Keeping pace with emerging trends to maximise growth opportunities
In today's rapidly evolving finance and accounting landscape, one of the biggest challenges organisations face is attracting and retaining top talent. As automation and AI revolutionise the profession, finance teams require new skillsets centred on analysis, collaboration, and strategic thinking to drive sustainable competitive advantage.
© 2019 Perspective Publishing Privacy & Cookies
Recent Stories