Cloud security: Half of all attacks start in the cloud

24 January 2024
| No comments
Cloud security: Half of all attacks start in the cloud

Share post

The results of a large-scale study show that cloud security clearly needs to be improved. Cloud attacks cost businesses an average of $4,1 million. But the Cloud Security Index: “Redefine Cloud Security with Zero Trust Segmentation” shows even more.

Illumio presents its new Cloud Security Index: “Redefine Cloud Security with Zero Trust Segmentation”. The global study provides information on the current state of cloud security, the impact of attacks on the cloud, and the reasons why traditional cloud security technologies fail to protect businesses in the cloud.

Vanson Bourne, an independent research firm, surveyed 1.600 IT and security decision-makers in nine countries and found that cloud risks are increasing, traditional cloud security tools are no longer sufficient, and that zero trust segmentation (ZTS) is for modern IT -Infrastructure is essential.

The most important findings are:

  • Traditional cloud security is failing modern businesses: Last year, nearly half of all data breaches (47 percent) originated in the cloud, and more than six in XNUMX respondents believe cloud security is inadequate and poses a serious risk to their business operations.
  • Cloud data breaches cost companies millions every year: On average, a company affected by a cloud attack last year suffered nearly $4,1 million in damages. 26 percent of respondents believe security breaches are not inevitable, posing a serious risk to companies and their customers.
  • ZTS is critical to cloud resilience: 93 percent of respondents agree that ZTS is an essential part of any cloud security strategy as it increases digital trust (61 percent), ensures business continuity (59 percent) and strengthens cyber resilience (61 percent).

Cloud issues are ubiquitous in today's complex, hybrid world

As companies move their most sensitive data to the cloud, the complexity and risk they face increases. 98 percent of companies store their most sensitive data in the cloud, including financial data, business intelligence, and customer or employee personal data. Still, more than 9 in 10 organizations are concerned that unnecessary or unauthorized connections between cloud services increase the likelihood of a compromise.

According to the study, the top threats to enterprise cloud security are:

  • Workloads and data that exceed classic system boundaries (43 percent)
  • Lack of understanding of the division of responsibility between cloud providers and vendors (41 percent)
  • Social engineering attacks (36 percent)
  • Lack of transparency in multi-cloud implementations (32 percent)
  • increasing malware and ransomware attacks (32 percent).

Where traditional cloud security tools fail

The overwhelming majority of respondents believe their organization's current approach to cloud security poses significant risks:

  • 95 percent say they need better visibility into connectivity with third-party software.
  • This lack of transparency impacts companies' ability to respond to attacks. 95 percent of respondents said they need to improve their response time to cloud attacks.

Respondents are concerned about the business impact of a cloud attack - the top three concerns are:

  • Damage to reputation and loss of public trust (39 percent)
  • Loss of sensitive data (36 percent)
  • Loss of revenue-generating services (35 percent).

Zero trust segmentation is an essential element for cloud security

93 percent of IT and security decision-makers believe that segmenting critical assets is a necessary step to secure cloud-based projects. Additionally, companies with specialized micro-segmentation technology are less likely to have experienced a cloud attack in the last year (35 percent) than companies without this technology (43 percent). And ZTS addresses enterprise visibility and security concerns by:

  • Continuously monitor connectivity between cloud applications, data and workloads (55 percent)
  • Minimizing the reach and impact of an attack by containing its spread (51 percent)
  • Insights into unnecessary connectivity that could lead to increased vulnerability (45 percent).

Cloud security will become a priority

“As cloud environments are dynamic and interconnected, it is becoming increasingly difficult for security teams to cope with traditional solutions,” said John Kindervag, Chief Evangelist at Illumio. “Organizations need modern security approaches that provide real-time visibility and containment as standard to minimize risk and maximize the capabilities of the cloud. I am optimistic that nearly every security team will prioritize improving cloud security in the coming months and that they will see solutions like ZTS as an essential part of their Zero Trust journey.”

Illumio also introduces CloudSecure, the industry's most comprehensive ZTS platform to help security teams address the most pressing cybersecurity challenges in hybrid and multi-cloud environments, endpoints and data centers. Illumio's ZTS platform visualizes the connections throughout an organization's environment. Illumio ZTS makes it easy for security teams to prioritize and create their micro-segmentation policies to prevent attackers from spreading throughout the IT environment and reaching critical resources and data. This reduces risk and increases resilience.

Methodology of the study

In September 2023, Illumio Vanson commissioned Bourne to conduct a global study of 1.600 IT and security decision-makers on the current state of cloud security and the impact of segmentation. The findings included the opinions of senior information security and IT professionals in the US, UK, France, Germany, Australia, Japan, Singapore, Saudi Arabia and the United Arab Emirates.

Go directly to the report on Illumio.com

 

About Illumio

Illumio, the pioneer and leader in zero trust segmentation, prevents security breaches from becoming cyber disasters. Illumio protects critical applications and valuable digital assets with proven segmentation technology built specifically for the Zero Trust security model.

Matching articles on the topic

Cybersecurity platform with protection for 5G environments

Cybersecurity specialist Trend Micro unveils its platform-based approach to protecting organizations' ever-expanding attack surface, including securing ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

Windows operating systems: Almost two million computers at risk

There are no longer any updates for the Windows 7 and 8 operating systems. This means open security gaps and therefore worthwhile and ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

DSPM product suite for Zero Trust Data Security

Data Security Posture Management – ​​DSPM for short – is crucial for companies to ensure cyber resilience against the multitude ➡ Read more

Data encryption: More security on cloud platforms

Online platforms are often the target of cyberattacks, such as Trello recently. 5 tips ensure more effective data encryption in the cloud ➡ Read more

 

PR News
, , , ,