According to the latest Symantec Cloud Security Threat Report (CSTR), more than half of organizations believe that security cannot keep up with cloud adoption.
The cybersecurity company surveyed 1,250 security policymakers around the world to compile its report. This report has revealed a number of insights into the changing cloud security landscape.
Symantec found that businesses had reached a tipping point: More than half (53%) of the company's IT workload was now cloud-based. At the same time, security practices are struggling to keep up with 54% of companies surveyed saying their company's cloud computing security maturity does not allow them to keep up with the rapid development of cloud applications.
Nico Popp, Senior Vice President of Cloud Information and Protection at Symantec, explained how the move to the cloud has left companies open to data breaches, saying:
“The adoption of new technologies has almost always led to security breaches, but we have found that the fracture created by cloud computing poses a greater risk than we realise, given the large amount of sensitive data and reviews stored. on the cloud.
"Data breaches can have a clear impact on business results, and security teams are desperately trying to prevent them." However, our 2019 CSTR shows that it's not the underlying cloud technology that has exacerbated the problem of data breaches: it's immature security practices, overburdened IT staff, and risky end-user behavior regarding data breaches. to cloud adoption."
Cloud security
Symantec research found that companies struggled to modernize their security practices as cloud services did, and 73% of them had a security incident due to immature practices.
Lack of visibility into cloud workloads is the leading cause, with an overwhelming majority of respondents (93 percent) reporting problems with tracking all cloud workloads. For example, Symantec research has shown that companies estimate they use 452 cloud applications on average, while their actual number is almost four times higher (1,807).
Immature security practices, including misconfiguration and failure to use encryption or multi-factor authentication (MFA), expose businesses to increased risk from insider threats that respondents consider to be the third-biggest threat to cloud infrastructure.
Cloud adoption is also taxing IT teams, with Symantec's report finding that 25 percent of cloud security alerts are not being processed. The majority (64%) of security incidents occur at the cloud level, with more than half of respondents admitting they can't keep up with security incidents.
Risky user behavior is another challenge security teams face. Nearly one in three employees exhibits risky behavior in the cloud. This leads to improper storage of sensitive data in the cloud, making businesses more vulnerable to data breaches.
Cloud security is an issue most businesses are facing today. We hope that Symantec's report sheds more light on this topic.