Poor security practices put cloud-driven business growth and cost savings at risk
47 per cent of businesses face data loss at the hands of 3rd party cloud providers
Swift adoption of cloud-based services and a lack of well-defined security strategies is leaving organisations struggling to keep control of their data, across a sprawling number of services and applications. According to new research from Kaspersky Lab, 35 per cent of businesses admit that they are unsure if certain pieces of corporate information are stored on company servers or on those of their cloud providers. This makes the safeguarding and accountability of data extremely hard to achieve, putting its integrity at risk and paving the way for potentially severe security and cost implications.
With cloud services enabling companies to take advantage of key technologies to support day-to-day operations and growth plans – without worrying about maintenance or the hefty price tag - it’s no surprise that 78 per cent of businesses are already using at least one Software-as-a-Service (SaaS) based platform. The same number (75 per cent) are also planning to move more applications to the cloud in the future. When it comes to IaaS, nearly half (49 per cent) of enterprises and 45 per cent of SMBs are looking to outsource IT infrastructure and processes to third parties.
However, for many organisations, the speed of adoption and lure of cost and operational savings has been to the detriment of security, with many using cloud services with no strategy in place for the security of their information. Uncertainty around who is responsible for the security of data in the cloud can often be the basis for this approach. Indeed, our research found that 7 out of 10 (70 per cent) businesses using SaaS and cloud service providers have no clear plan in place to deal with security incidents which could affect their partners. A quarter admit to not even checking the compliance credentials of their service provider, suggesting an assumption that they will pick up the pieces if something goes wrong.
However, with 42 per cent of businesses not feeling adequately protected from incidents affecting their cloud service provider and a quarter (24 per cent) of businesses having experienced a security incident affecting the IT infrastructure hosted by a 3rd party, over the last 12 months – a reliance on cloud providers alone to provide complete protection could be a risky strategy.
This lack of planning and accountability by cloud adopters for the security of their information, could have serious consequences for companies, with enterprises suffering an average financial impact £900k as the result of a cloud-related security incident, compared to £75k for SMBs. Where data has been compromised as the result of a 3rd party incident, the top three types of data to be affected were: highly sensitive customer information (experienced by 49 per cent of SMBs and 40 per cent of enterprises); basic employee information (35 per cent for SMBs, 36 per cent for enterprises); and emails and internal communication (31 per cent for SMBs, 35 per cent for enterprises).
Therefore, businesses have to find ways to get the cloud zoo under control. Every package of data needs to be protected wherever it happens to be at any one time. To do so, companies need to be able to spot anomalies within their cloud infrastructures, and that can only be achieved through a combination of techniques including machine learning and behavioral analytics. This ability to identify and defend against unknown threats is absolutely fundamental to cloud infrastructure security. Besides that, enabling visibility of the cloud ecosystem and its cybersecurity layer will give businesses a clear view on where data resides and if its current protection status meets corporate security policies. Only in this way businesses will be able to tame the cloud zoo and have complete control - no matter how much and where data is stored.
“Kaspersky Lab has proven experience in protecting cloud infrastructures. Our cybersecurity portfolio is ‘cloud-ready’ and is already supporting our existing customers in their transition from on premise datacentres to private and public clouds and hybrid infrastructures with multiple solutions and applications, all centrally managed.” said Alessio Aceti, Head of Enterprise Business, Kaspersky Lab. “Today’s rapid pace of digital transformation is bringing more efficiency and flexibility to business operations, but it is also presenting new security challenges that put business agendas in danger. To address these cloud security shortcomings, we will continue to expand our offering, taking the protection of cloud infrastructure to an entirely new level. Our customers will benefit from agile security for their cloud infrastructures of any size and shape. This includes the protection of Amazon Web Services and Microsoft Azure-based workloads, as Poor security practices put cloud-driven business growth and cost savings at risk well as Microsoft Office 365 cloud applications, while also ensuring security orchestration and visibility across the entire hybrid cloud.”
To explore more about cloud security trends, please find the report here. To learn more about how our products can help your business tame the cloud zoo, please visit https://www.kaspersky.com/enterprise-security/cloud-security.
About Kaspersky Lab:
Kaspersky Lab is a global cybersecurity company celebrating its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialised security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at https://www.kaspersky.co.uk/.
Editorial contact:
Berkeley Global
Ollie Bennett
kasperskylab@berkeley.global
Telephone: 0118 909 0909
100 Longwater Avenue
RG2 6GP, Reading
Kaspersky Lab UK
Stephanie Fergusson
Stephanie.Fergusson@kasperskylab.co.uk
Telephone: 07714107292
2 Kingdom Street
W2 6BD, London
Poor security practices put cloud-driven business growth and cost savings at risk
Kaspersky
Related Articles Press Releases
Kaspersky Thin Client 2.0: Cyber Immune protection with enhanced connectivity, performance and design
Kaspersky has presented an updated operating system for thin clients that offers enhanced connectivity, higher speed of applications delivery, lower total cost of ownership, user-friendly graphical interface and quick deployment. Kaspersky Thin Client 2.0 is the main component of the Cyber Immune solution for building thin client infrastructure in a wide range of industries, including healthcare, finance, education and manufacturing.Read More >New DuneQuixote cyberespionage campaign targets governmental entities worldwide
Kaspersky researchers have discovered an ongoing malicious campaign initially targeting a governmental entity in the Middle East. Further investigation uncovered more than 30 malware dropper samples actively employed in this campaign, allegedly expanding the victimology to APAC, Europe and North America. Dubbed DuneQuixote, the malware strings incorporate snippets taken from Spanish poems to enhance persistence and evade detection, with the ultimate goal of cyber espionage.Read More >Kaspersky Extended Detection and Response now available for implementation into business infrastructures
Kaspersky has announced that its new solution, Kaspersky Extended Detection and Response (XDR), is now available to customers after a successful evaluation phase with early adopters in a test environment. Companies can now seamlessly integrate this advanced product into their infrastructure under its new name, ‘Kaspersky Next XDR Expert’.Read More >
We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.