Compromised cloud accounts (opens in a new tab) cost organizations millions each year, according to a new report from cybersecurity firm Proofpoint and computer security research organization Ponemon Institute.
Part of the problem is that many do not know who is responsible for backing up this data. At the same time, criminals increasingly view the cloud as a treasure trove of sensitive data.
Average cost
The average cost of cloud account compromises rose to €6.2 million over the past 12 months, according to the report, adding that for the 600 IT and IT security professionals surveyed, account takeover represents a "significant security risk." The frequency and severity of these incidents have also increased over the past year.
In the last 12 months, organizations experienced an average of 64 cloud account compromises, 30% of which exposed sensitive data. Criminals are primarily interested in Microsoft 365 and Google Workspace accounts, and implement various phishing techniques to obtain credentials.
Less than half of those surveyed clearly defined who is responsible for protecting sensitive cloud-based data (opens in a new tab), and to make matters worse, about a third conduct "vigilant" security assessments of the cloud applications before implementing anything.
According to the report, strong authentication and adaptive access controls should be essential to secure access to cloud resources. Today, many organizations support multiple identity federation standards and agree that adaptive access controls are essential to protect those most at risk.
"Moving to the cloud and increasing collaboration requires a people-centric security strategy, supported by a cloud access security broker (CASB) solution that is integrated with a broader portfolio of cloud security, messaging and end points," said Tim Choi, vice president of product marketing. in Propoint.
“This approach effectively addresses issues like cloud account compromise, unauthorized access to cloud data, and cloud application governance. Organizations need clearly defined roles, established responsibility, and a CASB solution that can be up and running in hours, not weeks.