Over 60% of Enterprises Fail to Build Effective Cloud Security

Uploaded on 2019-08-21 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Well over half of organisations are failing to protect their data, saying that their cybersecurity methods aren’t maintaining their changes and up-grades that cloud security requires according to Symantec.

The security giant polled 1250 IT decision-makers in 11 countries worldwide to compile its 2019 Cloud Security Threat Report.  It revealed that while 63% of enterprise workloads have now been migrated to the cloud, a similar percentage of organisations are struggling to keep pace with the expansion of cloud apps.

Most (93%) said they are having trouble keeping track of workloads and estimated that more than a third of files in the cloud shouldn’t be there. Some 83% claimed they don’t have the right processes in place to effectively manage security incidents, meaning a quarter of alerts go unaddressed.

Nearly three-quarters (73%) said they’ve experienced an incident because their cloud security isn’t mature enough, i.e. they lack controls like encryption and multi-factor authentication (MFA) and are poorly configured. Some 65% of organisations failed to implement MFA in IaaS environments and 80% don’t use encryption, according to Symantec’s Report.

As a result, they face an increased risk of insider threats, ranked by respondents as the third biggest threat to cloud infrastructure.

Sixty-nine percent of survey respondents think their data is likely already on the dark web for sale.

Nico Popp, Symantec’s senior vice-president of cloud & information protection, explained that 69% of responding organisations believe their data is already on the dark web for sale and fear an increased risk of data breaches because of their cloud migration.

“The adoption of new technology has almost always led to gaps in security, but we’ve found the gap created by cloud computing poses a greater risk than we realise, given the troves of sensitive and business-critical data stored in the cloud,” he added.

“Data breaches can have a clear impact on enterprises’ bottom line, and security teams are desperate to prevent them. However, it’s not the underlying cloud technology that has exacerbated the data breach problem, it’s the immature security practices, overtaxed IT staff and risky end-user behavior surrounding cloud adoption.”

Symantec:            Infosecurity

You Might Also Read: 

Is The Cloud Skills Gap A Problem?:

 

 

« Cyberwar Between Nation-States Damages Business
Pakistan Clashes With India In Cyberspace »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CyberPolicy

CyberPolicy

CyberPolicy is a cyber protection solution for small businesses. It combines three important components against cyber threats - Cyber Plan, Cybersecurity and Cyber Insurance.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

Crossword Cybersecurity

Crossword Cybersecurity

We work with research intensive European university partners to identify promising cyber security intellectual property from research that meets emerging real-world challenges.

Nation-E

Nation-E

Nation-E offers innovative cyber security solutions for industrial installations, critical infrastructure and smart grids.

NGS (UK)

NGS (UK)

NGS (UK) Ltd are independent, vendor agnostic, next generation security trusted advisors, providing all-encompassing solutions from the perimeter to the endpoint.

eLearnSecurity

eLearnSecurity

eLearnSecurity is an innovator in the IT Security training market providing quality online courses paired with highly practical virtual labs.

Crypto Valley Association

Crypto Valley Association

Crypto Valley Association is an independent, government-supported association established to build the world’s leading blockchain and cryptographic technologies ecosystem.

Jump Capital

Jump Capital

Jump provides series A and B capital to data-driven tech companies within the FinTech, IT & Data Infrastructure, B2B SaaS and Media sectors.

Sovereign Intelligence

Sovereign Intelligence

Sovereign Intelligence provides automated insight into the relative intensity of hidden Cyber, Brand, and Financial Risks to your company.

Noventiq

Noventiq

Noventiq (the brandname of Softline Holding plc) is a leading global solutions and services provider in digital transformation and cybersecurity.

TriagingX

TriagingX

TriagingX successfully created the first generation malware sandbox that is being used by many Fortune 500 companies for daily malware analysis.

Deduce

Deduce

Deduce use a combination of aggregate historical user data, identity risk intelligence, and proactive alerting to deliver a robust identity and authentication solution.

Treacle Technologies

Treacle Technologies

Treacle Technologies are a Cyber Security startup with a focus on Defensive Security.

BBS Technology

BBS Technology

BBS Technology is a company that develops and delivers next-generation cyber security technologies worldwide.

Quantum Bridge

Quantum Bridge

Our unbreakable key distribution technology ensures the highest level of protection for your critical infrastructure and sensitive data in an evolving digital landscape.

JustunSecure

JustunSecure

JustunSecure is dedicated to promoting information technology and cybersecurity in Africa.