While cloud has become an indispensable component of digital transformation, it has also become a huge data security risk for organizations.
Device-to-cloud cybersecurity company McAfee recently released its Cloud Adoption and Risk Report that details key findings on the use of SaaS, IaaS, and PaaS and how some organizations are clueless on the amount of data they are risking by using the cloud.
McAfee analyzed aggregated, anonymized cloud usage data for over 30 million McAfee MVISION Cloud users worldwide at companies across all major industries including business services, education, energy, financial services, healthcare, high tech, legal, manufacturing, public sector, real estate, retail, transportation, and utilities.
According to McAfee, users from across these industries “generate billions of unique transactions in the cloud each day. The McAfee cloud service registry tracks over 50 attributes of enterprise readiness, which provides the ability to track behavior using detailed data signatures for over 25,000 cloud services. Additional contextual data was sourced from our 2018 survey of 1,400 security professionals in 11 countries, all using public or private cloud services.”
The race to digital transformation, in order to serve customers better, also created an open space for user data breaches. Quoting the report, “The average enterprise experiences more than 2,200 misconfiguration incidents per month in their infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) instances.”
The average enterprise uses 1,935 different cloud services.
“Security incidents are no longer isolated to PCs and applications on the network, owed primarily to the scale of corporate data stored in the cloud today as well as the sheer number of events taking place in the cloud. The average organization experiences 31.3 cloud-related security incidents each month, a 27.7 percent increase over the same period last year.”
The report says that 21 percent of all files in the cloud contain sensitive data, demonstrating a steady increase year-over-year (YoY). Unwitting — or unconcerned — users have been exposing their data with the report saying that 22 percent of cloud users share files externally recording up to 21 percent YoY increase. Sharing sensitive data with an open, publicly accessible link — linking social media accounts or email to a third-party service — has increased by 23 percent YoY. Sensitive data sent to a personal email address also increased by 12 percent YoY.
The study reveals that contrary to common belief, cloud service providers “only” cover the security of the cloud leaving customer data or customer use of their infrastructure and platforms “unsecured.”
“Operating in the cloud has become the new normal for organizations, so much so that our employees do not think twice about storing and sharing sensitive data in the cloud,” said Rajiv Gupta, senior vice president of the Cloud Security Business, McAfee. “Accidental sharing, collaboration errors in SaaS cloud services, configuration errors in IaaS/PaaS cloud services, and threats are all increasing. In order to continue to accelerate their business, organizations need a cloud-native and frictionless way to consistently protect their data and defend from threats across the spectrum of SaaS, IaaS and PaaS.”
Compromised accounts and insider threats, according to the report, are the main causes of threats to data stored in the cloud. The firm finds out that 3,217 anomalous behaviors are recorded from the 3.2 billion events an average organization records in a month. Of this number, 31.3 are “actual threat.”
McAfee’s report further states that threat events in the cloud, “such as a compromised account, privileged user, or insider threat, have increased 27.7 percent YoY.”
Interestingly, threats in Office 365 is growing by 63 percent YoY.
A whopping 80 percent of all organizations had recorded at least one compromised account threat a month. What is even more disturbing is the revelation that “92% of companies have cloud credentials for sale on the Dark Web,” the report says.
With these findings, the McAfee advises organizations “to get ahead of comprised accounts and insider threats, organizations should understand how cloud services are used. They should also identify anomalous behavior, such as when the same user accesses the cloud from disparate locations simultaneously, which could indicate a compromised account threat.”
The firm suggests implementing cloud access security brokers (CASB), “which are cloud-native services that enforce security, compliance, and governance policies for cloud services. They help organizations leverage and extend their existing security controls where appropriate and define and deploy new cloud-native ones where appropriate to enable enterprises to consistently protect their data and defend from threats across the spectrum of SaaS, IaaS and PaaS.”
Image by Dom Ide/Pixabay