Some 39% of businesses ran into a data breach into their cloud environment in the past year, marking a noticeable increase from last year’s 35%, said Thales, an IT consultant in the defense and security, aeronautics and space, and digital identity and security industries.
3,000 IT and Security Profs in 18 Countries Surveyed
In data gleaned from Thales’ 2023 Cloud Security Study, which encompassed roughly 3,000 IT and security professionals across 18 countries, human error was identified as one of the top causes of data breaches, as reported by 55% of surveyed individuals.This rise in breaches coincides with a significant surge in sensitive data stored in the cloud. About 75% of businesses disclosed that over 40% of their cloud-stored data is classified as sensitive, a substantial increase compared to last year's 49%.Here are eight of the study’s other findings:- When it comes to targets for hackers, Software as a Service (SaaS) applications ranked as the primary focus for 38% of respondents, closely followed by cloud-based storage at 36%.
- The study also found that a lack of encryption and key control prompted cloud data concerns among the participants. Less than one-quarter of IT professionals said that more than 60% of their sensitive data in the cloud is encrypted, while the average encryption rate for cloud data currently stands at 45%.
- In addition, businesses demonstrated limited control over encryption keys, with only 14% claiming full control over their encrypted data in the cloud. A majority (62%) reported employing five or more key management systems.
- The adoption of multi-cloud environments continues to grow rapidly, with over three-quarters (79%) of organizations utilizing multiple cloud providers. Notably, the use of SaaS applications has also witnessed significant growth. In 2021, 16% of respondents reported using 51-100 different SaaS applications, a figure that rose to 22% in 2023.
- Despite the expanding use of the cloud, managing data in this environment remains a major challenge. More than half (55%) of respondents expressed that cloud data management is more complex than in on-premises environments, marking an increase from 46% in the previous year.
- Respondents also raised concerns about digital sovereignty, with 83% worried about data sovereignty and 55% finding data privacy and compliance in the cloud increasingly difficult.
- Implementing strong identity and access management (IAM) measures is crucial concerning data privacy The adoption of robust multi-factor authentication (MFA) has increased to 65%, indicating progress in strengthening access controls.
- Only 41% of organizations have implemented zero trust controls in their cloud infrastructure, with an even smaller percentage (38%) employing such controls within their cloud networks.
