Request a Quote

Thales: For Data Breaches, Cloud Assets are Biggest Cybersecurity Headache

We Keep you Connected

Thales: For Data Breaches, Cloud Assets are Biggest Cybersecurity Headache

Thales: For Data Breaches, Cloud Assets are Biggest Cybersecurity Headache
Your email has been sent
Thales cloud security study shows that 79% of organizations have more than one cloud provider and 75% of companies said they store at least 40% of their sensitive data in the cloud.
While Thales, in its 2023 Cloud Security Study, found that well over a third (39%) of businesses experienced a data breach in their cloud environment last year versus 34% in 2021, organizations are increasingly caching sensitive data in multiple cloud environments.
In the report, based on a survey of 3,000 IT and security teams across 18 countries in EMEA, the Americas and Asia Pacific:
The study shows how more companies are using more cloud service providers, tracking with the 35% growth in the number of reported providers in the market. The study authors noted that the average number of cloud infrastructure providers is now 2.3, and that more than three-quarters (79%) of this year’s respondents have more than one cloud provider (Figure A).
Figure A
“With a larger number of platforms to secure, the opportunity for operational errors grows, increasing the attack surface with each error. Organizations either have to dedicate separate teams to specialize in each platform or expect their security teams to become well-versed in multiple platforms at the same time,” according to the study.
The study reported that organizations are lifting more workloads and data into the cloud: The number of organizations that reported that 60% or more of their workloads are in the cloud increased from 23% to 27% year over year.
SEE: Read how IBM is boosting cloud data practice (TechRepublic)
The report polled respondents two ways about sensitive data in the cloud to determine how they are deploying their data and saw increases in both directions. The survey asked about:
It found that:
In this year’s study, 22% of respondents said that over 60% of their sensitive data in the cloud is encrypted and 40% said over half of that cloud-based sensitive data is encrypted. Those numbers constitute an improvement from last year’s study, which reported that only 17% of respondents had said over half of their sensitive data in the cloud was encrypted. That said, only 2% said 100% of their sensitive data in the cloud is encrypted (Figure B).
Figure B
Additionally, 62% of IT executives who responded to the survey said they have five or more key management systems, which Thales said constitutes increased complexity for securing sensitive data.
Not only do most companies report having multiple cloud service providers, the rise in the use of SaaS apps is expanding the threat surface for data exfiltration:
The study included a ranking question on which attack targets are most likely to be attacked. SaaS was mentioned first by 38% of respondents, followed by cloud storage at 36% of those polled. Additionally, the study’s authors said the number of survey respondents reporting a data breach during the study period was up 4% from last year’s report — 35% to 39%.
Over half (55%) of respondents to the survey said human error triggered cloud data breaches at their organizations, but only 41% of organizations have implemented zero-trust controls in their cloud infrastructure — only 38% use zero-trust protocols in their cloud networks. However, more companies are adopting authentication protocols for employees: 65% of respondents to Thales’ survey said they now deploy multifactor authentication.
SEE: Palo Alto Networks on differently about cloud security (TechRepublic)
“Organizations are operating in a dynamic multi-cloud landscape, demanding seamless and efficient security measures,” said Sebastien Cano, senior vice president for cloud protection and licensing activities at Thales.
“To overcome challenges arising from human error and misconfiguration, it is imperative that data protections in the cloud are simplified and easily manageable.” He said that the key to enhancing cloud security lies in treating cloud environments as an extension of existing infrastructure. “By adopting this approach, organizations can effectively bolster security and ensure comprehensive protection across the entire digital ecosystem.”
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
Thales: For Data Breaches, Cloud Assets are Biggest Cybersecurity Headache
Your email has been sent
Your message has been sent
TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.
Get up and running with ChatGPT with this comprehensive cheat sheet. Learn everything from how to sign up for free to enterprise use cases, and start using ChatGPT quickly and effectively.
Get the most out of your payroll budget with these free, open source payroll software options. We’ve evaluated the top eight options, giving you the information you need to make the right choice.
We highlight some of the best certifications for DevOps engineers. Learn more about DevOps certifications.
With so many project management software options to choose from, it can seem daunting to find the right one for your projects or company. We’ve narrowed them down to these ten.
This Microsoft PowerToys app simplifies the process of visualizing and modifying the contents of the standard Windows Registry file.
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
This policy from TechRepublic Premium provides guidelines for the consistent and secure management of passwords for employees and system and service accounts. These guidelines include mandates on how passwords should be generated, used, stored and changed as well as instructions for handling password compromises. From the policy: GENERAL REQUIREMENTS Blank or easily guessed passwords, such …
The purpose of this policy from TechRepublic Premium is to provide guidelines for the appropriate use and administration of storage area networks. This policy can be customized as needed to fit the requirements of your organization. From the policy: SUMMARY SANs provide manageable, centralized storage capacity for systems offering vast amounts of disk space via …
Whether you’re the leader of a meeting or an attendee, you can take steps to make the experience more productive and useful. This 20-page PDF from TechRepublic Premium contains plenty of tips and advice that will help. From the guide: TIPS FOR TURNING USELESS MEETINGS INTO PRODUCTIVE ONES A quick survey of Amazon reveals hundreds …
Over the past decade or so, particularly after the general proliferation of smartphones at the consumer level, the global banking industry has been disrupted by startups implementing innovative and sometimes revolutionary financial technology platforms. These applications have transformed the way many consumers use banking and financial services, to the point where some traditional banking has …

source

 

Enterprise Guardian (EnGuard) specializes in HIPAA Compliant Email for the Healthcare Industry.
HIPAA Compliant Email, Telehealth & Cloud Made Easy.

 

GET THE LATEST UPDATES, OFFERS, INFORMATION & MORE