The number of businesses relying on the cloud for the majority of their work processes is on the rise, new research has found, but this pace of growth is not being matched by improvements in security.
This is according to Symantec’s 2019 Cloud Security Threat Report (CSTR), which found more than half of enterprise workloads (53 per cent) have shifted to the cloud. However, a similar number of businesses (54 per cent) indicate their organisation’s cloud security solutions are not mature enough to keep up with the rapid expansion of cloud apps.
Nico Popp, senior vice-president of cloud and information protection at Symantec, said that while the adoption of new technology has also led to gaps in security, the risks posed by migration to cloud are far greater than many people have realised, especially given the vast amount of personal and business-critical data now being held on these platforms.
Indeed, more than two-thirds of businesses (69 per cent) believe their private data is already for sale on the dark web, and worry that moving to the cloud will only expose them to a higher risk of breaches.
“Data breaches can have a clear impact on enterprises’ bottom line, and security teams are desperate to prevent them,” Mr Popp continued. “However, our 2019 CSTR shows it’s not the underlying cloud technology that has exacerbated the data breach problem – it’s the immature security practices, overtaxed IT staff and risky end-user behaviour surrounding cloud adoption.”
The study found almost three-quarters of businesses (73 per cent) have experienced a security incident as a result of immature practices. A lack of visibility is the number one issue, with 93 per cent of companies saying they have difficulty keeping tabs on all cloud workloads.
Risky user behaviour is another key challenge, with nearly one in three employees said to be engaging in such actions, while 85 per cent fail to use best practices for cloud security.
The result of this is that sensitive data is frequently stored in areas of the cloud where it would be vulnerable to breaches. What’s more, 93 per cent of CSTR respondents say oversharing is a problem, estimating that more than a third of files in the cloud should not be there.