Four out of five companies have experienced at least one serious cloud security incident in the past 12 months, according to a new report from Snyk, with data breaches, data leaks and ocean breaches all growing woefully.
Attacks occur for a number of reasons: either because the company’s existing security solutions are not working properly, or because of their limited functionality in the cloud (Opens in a new tab) (78%), or organizations do not have an adequately educated and experienced workforce (93%).
Even cloud-native security solutions don’t help much. In fact, nearly half (41%) told Snick that they only “complicate” things.
“The widespread adoption of cloud-native application development has allowed modern developers to move faster and increase outputs to meet the demands of today’s enterprise,” said Andrew Wright of Snyk.
“However, new challenges and complexities have emerged as the overall attack space has widened and the clear delineation of security responsibilities has blurred.”
According to Wright, many of the issues companies face with cloud security today are caused by poor collaboration between different departments, as well as poor training that is not helpful in the digital transformation of the organization. In fact, 77% of companies see this as a “huge challenge,” he said.
“For example, when different teams use different policy tools or frameworks, reconciling work across these teams and ensuring consistent implementation can be challenging.”
This isn’t the first time researchers have warned of more pain from cloud penetration.
In early June, the 2022 Thales Cloud Security Report found that nearly half (45%) of companies had experienced a cloud-based data breach, or audit failure in the past 12 months, up 5% from 2021. What’s more, That a third (32%) should notify government, customers, partners and employees of a data breach.
The number of threats is also growing rapidly. The quarter (26%) saw an increase in malware and ransomware attacks against their endpoints (Opens in a new tab)One-fifth (19%) reported more phishing and whale attacks than last year.
Across: VentureBeat (Opens in a new tab)