Thales cloud safety research exhibits that 79% of organizations have a couple of cloud supplier and 75% of firms stated they retailer at the least 40% of their delicate knowledge within the cloud.
Whereas Thales, in its 2023 Cloud Safety Research, discovered that nicely over a 3rd (39%) of companies skilled an information breach of their cloud surroundings final yr versus 34% in 2021, organizations are more and more caching delicate knowledge in a number of cloud environments.
Within the report, primarily based on a survey of three,000 IT and safety groups throughout 18 nations in EMEA, the Americas and Asia Pacific:
- Seventy-five % of IT executives categorised as delicate greater than 40% of their knowledge saved within the cloud, in comparison with 49% this time final yr.
- Thirty-eight % of respondents stated software program as a service purposes are the primary goal for hackers, adopted by cloud-based storage (36%).
Multicloud inflicting operational complexity
The research exhibits how extra firms are utilizing extra cloud service suppliers, monitoring with the 35% development within the variety of reported suppliers out there. The research authors famous that the typical variety of cloud infrastructure suppliers is now 2.3, and that greater than three-quarters (79%) of this yr’s respondents have a couple of cloud supplier (Determine A).
Determine A
“With a bigger variety of platforms to safe, the chance for operational errors grows, growing the assault floor with every error. Organizations both should dedicate separate groups to specialise in every platform or count on their safety groups to turn out to be well-versed in a number of platforms on the similar time,” in keeping with the research.
Extra delicate knowledge being saved within the cloud
The research reported that organizations are lifting extra workloads and knowledge into the cloud: The variety of organizations that reported that 60% or extra of their workloads are within the cloud elevated from 23% to 27% yr over yr.
SEE: Learn how IBM is boosting cloud knowledge follow (TechRepublic)
The report polled respondents two methods about delicate knowledge within the cloud to find out how they’re deploying their knowledge and noticed will increase in each instructions. The survey requested about:
- The proportion of a corporation’s whole delicate knowledge that’s saved within the cloud.
- The proportion of the entire knowledge a corporation shops within the cloud that’s delicate.
It discovered that:
- In final yr’s research, 52% of respondents stated that greater than 40% of their delicate knowledge was within the cloud. This yr, that quantity elevated to 64%.
- The variety of respondents who stated that 40% or extra of their knowledge saved within the cloud is delicate knowledge, elevated from 49% in final yr’s research, to 75% this yr.
Encryption is growing, however slowly
On this yr’s research, 22% of respondents stated that over 60% of their delicate knowledge within the cloud is encrypted and 40% stated over half of that cloud-based delicate knowledge is encrypted. These numbers represent an enchancment from final yr’s research, which reported that solely 17% of respondents had stated over half of their delicate knowledge within the cloud was encrypted. That stated, solely 2% stated 100% of their delicate knowledge within the cloud is encrypted (Determine B).
Determine B
Moreover, 62% of IT executives who responded to the survey stated they’ve 5 or extra key administration techniques, which Thales stated constitutes elevated complexity for securing delicate knowledge.
Software program-as-a-service creating safety challenges
Not solely do most firms report having a number of cloud service suppliers, the rise in using SaaS apps is increasing the menace floor for knowledge exfiltration:
- Within the 2022 research, 16% of respondents reported their enterprises deployed 51-100 completely different SaaS purposes.
- On this yr’s research, that proportion grew to 22% of respondents, and 55% (versus 46% within the prior yr) famous that managing knowledge within the cloud is extra complicated than in on-premise environments.
- Moreover, 83% expressed issues over knowledge sovereignty, with 55% of respondents asserting that knowledge privateness and compliance within the cloud has turn out to be harder.
The research included a rating query on which assault targets are most certainly to be attacked. SaaS was talked about first by 38% of respondents, adopted by cloud storage at 36% of these polled. Moreover, the research’s authors stated the variety of survey respondents reporting an information breach throughout the research interval was up 4% from final yr’s report — 35% to 39%.
Knowledge breaches and human error
Over half (55%) of respondents to the survey stated human error triggered cloud knowledge breaches at their organizations, however solely 41% of organizations have applied zero-trust controls of their cloud infrastructure — solely 38% use zero-trust protocols of their cloud networks. Nevertheless, extra firms are adopting authentication protocols for workers: 65% of respondents to Thales’ survey stated they now deploy multifactor authentication.
SEE: Palo Alto Networks on otherwise about cloud safety (TechRepublic)
“Organizations are working in a dynamic multi-cloud panorama, demanding seamless and environment friendly safety measures,” stated Sebastien Cano, senior vice chairman for cloud safety and licensing actions at Thales.
“To beat challenges arising from human error and misconfiguration, it’s crucial that knowledge protections within the cloud are simplified and simply manageable.” He stated that the important thing to enhancing cloud safety lies in treating cloud environments as an extension of present infrastructure. “By adopting this strategy, organizations can successfully bolster safety and guarantee complete safety throughout your complete digital ecosystem.”
