The volume of cloud data breaches has noticeably increased in the last two years but so have corporate cyber budgets and executive buy-in, a new cloud security report said.
That doesn't mean it's a standoff between the attackers and the defenders. Over the same time period, companies’ adoption of cloud services has spiked, making for a relatively volatile landscape and an inviting target for hackers, said Laminar, a provider of cloud security. In its study of some 500 security professionals conducted in February 2022, fully 50 percent said their organization had been breached in 2020 or 2021. Of those whose companies had been breached, 58 percent said that their cloud data had been exfiltrated in the heist.
Those security specialists are simultaneously dealing with an increasingly complex multi-cloud environment, while struggling with a lack of visibility, inadequate controls, and rising shadow data problem, Laminar said. Shadow data is their top concern, with 82 percent of the respondents pointing to it as a top concern. Examples of shadow data now include database copies in test environments, unmanaged backups, toxic application logs and caches, analytics pipelines, stale unmaintained databases, and unlisted embedded databases, Laminar said. Each of them is at risk for exposure to hackers.
Still, there is good news mixed in among the bad. The high number of data breaches has caught the eye of the C-suite at half of the organizations in the survey. And, more than eight in 10 security teams are working with budgets fortified by more than 40 percent since the beginning of 2020, Laminar’s data showed. That money will enable companies that have boosted their cybersecurity investments to add staffers, upskill employees and develop new solutions.
Here’s some additional data from the study:
- 56% of organizations work with two or more cloud service providers.
- 65% of respondents believe that cloud environments are unique enough to warrant a unique solution.
- Survey respondents believe that cloud-native security solutions can help them oversee their fast-expanding, heterogeneous cloud environments and data stores.
- 49% believe that cloud-native security solutions are dynamic, effective, and scalable.
- 46% state that they are asynchronous and thus don’t disrupt data traffic flow or performance.
- 44% say they are agentless and API-based, thus resulting in a lower total cost of ownership.