As cloud services usage – and risk – increases, businesses still lack visibility into data breaches
Netskope, the leader in cloud security, today announced the results of a survey entitled “Cloud Malware and Data Breaches: 2016 Study,” conducted in partnership with Ponemon Institute. The study found the growing use of cloud services and the lack of visibility into sensitive information in the cloud can result in more damaging or costly data breaches.
The survey found that the majority of enterprises have not or do not know if they inspect their cloud services for malware. Considering that Netskope research estimates that less than five percent of cloud services are sanctioned, it is unlikely respondents are inspecting all potential services (sanctioned and unsanctioned), raising the possibility that the portion of cloud services that contains malware is even larger.
The findings also reveal that while 49 percent of business applications are now stored in the cloud, fewer than half of them are known, officially sanctioned or approved by IT. While respondents understand the risk of data breaches, nearly a quarter could not determine if they had been breached, and nearly a third couldn’t determine what types of data were lost in the breach(es).
“These data confirm that while cloud adoption is very much on the rise, organizations still lack confidence in the cloud’s ability to protect sensitive information,” said Sanjay Beri, founder and CEO, Netskope. “With the rise of cloud threats like accidental data exposure, malware and ransomware aimed at exfiltrating data and extracting financial gain from sensitive data, IT teams need more robust intelligence, protection, and remediation to protect their data from breach or loss.”
Companies Lack Insight into Breaches, Malware Infections a Growing Threat
Over half of respondents say the use of cloud services significantly increases the likelihood of a data breach, yet the majority have neither the visibility nor have they taken the correct precautions to prevent breaches involving cloud.
A Look at the Fragile Cloud Environment
Cloud adoption is on the rise. A recent forecast from 451 Research predicts that three in five (60 percent) of enterprise workloads will run in the cloud by mid-2018, up from two in five (41 percent) today. This report found that as more software and business applications move to the cloud, knowledge about what applications are in the cloud decreases, putting confidential and sensitive information at risk.
The estimated percentage of software applications in the cloud has increased from 45 percent in 2014 to 49 percent in 2016. Apps that are known, officially sanctioned or approved by IT decreased from an estimated 50 percent to 45 percent, indicating cloud adoption may be outpacing security measures.
Money Talks: The Economic Impact of Data Breaches
Companies were asked to estimate the cost of data breaches involving the loss of 100,000 or more customer records within the last 12 months. They calculated a customer information breach would have cost them almost $20 million in the past year, taking into consideration the cost of remediation and technical support, lost business opportunities, and lost productivity because of downtime.
More Cloud, More Problems: The Cloud Multiplier Effect
Respondents were asked to estimate the likelihood of a data breach when considering a number of IT scenarios involving an increased use of the cloud. The growing use of cloud services (SaaS) and the increase in backup and storage of confidential data in the cloud is most likely to cause a data breach in the cloud:
Netskope and Ponemon Institute surveyed 643 IT and IT security practitioners in the United States and Canada who are familiar with their company’s usage of cloud services. This study was also conducted in 2014. For the full methodology, please download the study.
About Ponemon Institute
Ponemon Institute conducts independent research and education that advances information security, data protection, privacy and responsible information management practices within businesses and governments throughout the world. Our mission is to conduct high quality, empirical studies on critical issues that affect the protection of information assets and IT infrastructure. As a member of the Council of American Survey Research Organizations (CASRO), we uphold strict data confidentiality, privacy and ethical research standards. www.ponemon.org.
Netskope is the leader in cloud security. Using patented technology, Netskope’s cloud-scale security platform provides context-aware governance of all cloud usage in the enterprise in real-time, whether accessed from the corporate network, remote, or from a mobile device. This means that security professionals can understand risky activities, protect sensitive data, stop online threats, and respond to incidents in a way that fits how people work today. With granular security policies, the most advanced cloud DLP, and unmatched breadth of workflows, Netskope is trusted by the largest companies in the world. Netskope — cloud with confidence. To learn more, visit our website.