Greetings from RSA Conference 2016 — or as some are probably calling it, “any Best Buy on the eve of Black Friday.” The expo floor is more packed than ever, and it’s clear that IT departments from around the world are focused on evolving their security strategies to align with the reality of today’s cloud-driven, mobile-first workplace.
At Netskope, we’re of course most interested in the ever-growing volume of cloud apps used within enterprises, and how that impacts IT. As we noted in our February 2016 cloud report, enterprises are now using on average a total of 917 cloud apps — the vast majority of which are unsanctioned by IT, and 94 percent of which are not enterprise-ready. It’s the highest total we’ve recorded since we first started publishing our Cloud Report, and a 21 percent increase from the previous Cloud Report.
So, what does IT make of this ever-growing total of cloud apps with which they’re tasked to manage? We asked some of those in attendance at RSA, and came away with some interesting findings about the correlation between cloud apps and insider threats, and the need for a more unified strategy to meet this growing concern:
More Cloud Apps = More Insider Threats
An overwhelming majority (90 percent) of those polled said they believed there was a strong correlation between adding more cloud apps and a greater risk of insider threats. Interestingly, they also noted that far more often than not cloud app-based insider threats are unintentional. In most cases, employees were not acting maliciously, but rather exposing sensitive data via unsanctioned cloud apps too.
Cloud Apps are a Growing Threat Vector, but IT STILL Lacks a Unified Strategy to Deal
While nobody argues that cloud apps are enabling much greater productivity and collaboration for today’s mobile workforce, there’s equal consensus (99 percent, to be specific) that cloud apps are a growing threat vector.
In most cases, though, there’s still no central strategy to deal with this. The farther away one gets from the traditional data center, the more vulnerable cloud apps become. Of note, only 37 percent of businesses have policies in place to address cloud-based threats.
While most respondents acknowledged having at least some type of policy in place to deal with insider threats in general, those policies were largely disjointed. Respondents reported that they had insider threat policies in place for the following areas:
- Network (63%)
- Cloud / SaaS (37%)
- Personal Mobile Devices (40%)
- Company-Issued Mobile Devices (49%)
- Other (23%)
The Times, They Are A-Changing
In light of all of the high profile breaches over the past year, more than 70 percent of respondents reported they had either increased, or planned to increase, their budget to better address threats in 2016. It’s safe to assume that number will grow even higher as IT adapts to the new reality.
When it comes to securing yourself against cloud apps, Netskope has you covered. And it’s not too late to say hi at RSA this week; visit us at booth S1645 and catch a demo of our cloud access security broker.
About This Survey:
- Data were collected on the RSA expo floor on March 1, 2016
- 103 unique responses were collected