Study: 50% of all cyberattacks originate in the cloud

Posted on 2023-12-11 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]It is an exciting finding that emerges from a study by Illumio (provider of solutions for zero trust segmentation). Half of all cyberattacks on companies originate in the cloud. People are often unable to cope with the complexity of these solutions in terms of security. And there is another result of this study: cyber attacks cost companies an average of 4.1 million US dollars (3.81 million euros).

Advertising

The global study provides information on the current state of cloud security and the impact of attacks on the cloud. The study also identifies the reasons for the failure of conventional cloud security technologies in protecting companies in the cloud. I also found some interesting statements relating to Germany.

In September 2023, Illumio Inc. commissioned Vanson Bourne, an independent research company, to conduct research worldwide. As part of the study, the research company surveyed 1,600 IT and security decision-makers in nine countries (200 in Germany) on the topic of cyber security. The companies surveyed in Germany have an average turnover of 1,519,348,366 euros and between 500 and 2,500 employees – i.e. not medium-sized companies.

Results of the study

The general result of the study is the (not new) realization that cloud risks are becoming ever greater, that conventional cloud security tools are no longer sufficient and that zero trust segmentation (ZTS) is essential for modern IT infrastructure (well, the latter had to appear, as Illumio Inc. offers services in precisely this area). But the key findings of the study are actually universal:

  • Traditional cloud security often fails organizations: In 2022, nearly half of all data breaches (47 percent) originated in the cloud. More than six out of ten respondents believe that cloud security is inadequate and poses a serious risk to their business operations.
  • Data breaches in the cloud cost companies millions every year: On average, a company affected by a cloud attack last year suffered nearly $4.1 million in damages. 26% of respondents believe that security breaches are not inevitable, which poses a serious risk to companies and their customers.
  • 93 percent of respondents agree with the statement that zero trust segmentation (ZTS) is an essential part of any cloud security strategy as it increases digital trust (61 percent), reduces business costs (61 percent), and improves security.

Cloud issues are pervasive in today's complex, hybrid world

The moment organizations move their most sensitive data to the cloud, the complexity and risk to them increases. 98 percent of organizations store their most sensitive data in the cloud, including financial data, business intelligence and personal data of customers or employees. Yet more than 9 in 10 companies are concerned that unnecessary or unauthorized connections between cloud services increase the likelihood of compromise. According to the study, the main threats to organizations' cloud security are as follows:

  • Workloads and data that cross traditional system boundaries (43 percent);
  • lack of understanding of the division of responsibility between cloud providers and vendors (41 percent)
  • social engineering attacks (36 percent);
  • lack of transparency in multi-cloud implementations (32 percent) and increasing malware and ransomware attacks (32 percent).

The average annual loss worldwide is 3.8 million euros.

Advertising

Where traditional cloud security tools fail

The overwhelming majority of respondents (globally) believe that their organization's current approach to cloud security poses significant risks:

  • 95 percent say they need better visibility into connectivity with third-party software.
    This lack of visibility is impacting organizations' ability to respond to attacks.
  • 95 percent of respondents said they need to improve their response time to cloud attacks.

Respondents are concerned about the business impact of a cloud attack – the top three concerns are:

  • Damage to reputation and loss of public trust (39 percent),
    loss of sensitive data (36 percent)
  • and loss of revenue-generating services (35 percent).

Zero trust segmentation is an essential element for cloud security

93 percent of IT and security decision makers believe that segmenting critical assets is a necessary step to secure cloud-based projects. Furthermore, companies with specialized micro-segmentation technology are less likely to have experienced a cloud attack in the last year (35 percent) than companies without this technology (43 percent).

Zero Trust Segmentation (ZTS) addresses the visibility and security concerns of companies through:

  • Continuously monitor connectivity between cloud applications, data and workloads (55 percent);
  • Minimizing the reach and impact of an attack by containing its spread (51 percent);
  • and insight into unnecessary connectivity that could lead to increased vulnerability (45 percent).

The complete Cloud Security Index "Redefine Cloud Security with Zero Trust Segmentation" can be downloaded from the company's website (after providing various data).

Advertising
This entry was posted in Cloud, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).