Mind the Gap – Cloud Threat & Data Protection
Apr 09 2020

Increased remote working each day is accelerating the digital transformation of cloud services and apps across the globe. Workforces now at home will innovate, adapt, and adopt new cloud services and apps, over 98% of which are not managed by IT administration. This opens the door for data to move like a river throughout the cloud and introduces new threats where all stages of the cyber kill chain are cloud-enabled. Cloud phishing will only increase in these times, alongside credential compromise that gives attackers the ability to log in.

Stabilizing, optimizing, and securing remote worker access with Zero Trust Network Access (ZTNA) solutions like Netskope Private Access, combined with a Netskope Next Gen Secure Web Gateway (NG SWG), are actions being taken now. Next comes the assessment of cloud data and threat protection defenses used by your organization. To get a picture across various industries and organization sizes, we coordinated with Cyber Security Insiders (CSI) to conduct a survey on the current state of cloud defenses.

What are the disruptors driving an assessment of cloud defenses?

  1. The average organization uses 2,415 cloud services and apps today
  2. 89% of users are active in the cloud, even more so when working remotely
  3. The #1 attack method is phishing, and the #1 target is SaaS/webmail 
  4. The apps with the most threats are: Office 365 OneDrive, Box, G Drive
  5. SaaS enables threats with trusted domains and valid certificates to evade legacy defenses
  6. Allow listing cloud apps provides a red carpet entry for threats and data exfiltration
  7. 44% of threats were cloud-enabled in 2019, spanning 1600+ cloud services and apps
  8. Published attacks are heavily using cloud services within the delivery and exploit kill chain stages
  9. For the first time, 51% of threats are now file-less while 49% are malware-based
  10. More than 50% of web traffic sessions are cloud-based, requiring inline API JSON decoding

This is solid evidence that it is time to mind the gap and assess cloud threat and data protection, today and in the future, to benchmark progress. Cloud adoption also brings boundary crossings that legacy defenses miss due to either a lack of visibility or coarse-grained allow/block controls with no understanding of context. Data can flow between company and personal instances of cloud apps, between managed and unmanaged cloud apps, and between low-risk and high-risk cloud apps not desired for use. Beyond instance awareness is an understanding of activity and its anomalies, plus the content itself and the overall context. All of this requires the inline decoding of cloud-based API JSON traffic for thousands of cloud services and apps in use today.

The results are interesting: almost two-thirds of enterprises surveyed are not prepared, in terms of threat and data protection, for widespread cloud use. For those attending the webinar on April 30th at 2pm EST, we will provide an infographic covering the key highlights of the survey, plus a full report that dives deeper into the demographics and correlations between questions. To understand where you stand among peers when it comes to enabling cloud defenses, please attend the webinar at the registration link below.

ATTEND THE WEBINAR

After the webinar on April 30th at 2pm EST, we will provide the INFOGRAPHIC and the FULL REPORT on these hyperlinks. 

Resources:

  • 2020 Netskope Cloud and Threat Report
  • 2020-2019 Netskope Threat Research Blogs
  • 2020 CrowdStrike Threat Report
  • 2019 Quarterly APWG Phishing Trends Report 
About the author
Tom Clare is a senior product marketing manager. His focuses at Netskope center on product strategy, marketing experience with web/cloud proxies, data and threat protection, behavior analytics, network traffic analysis, endpoint protection, endpoint detection and response, deception, and firewalls.