Some 48% of companies ‘do not inspect cloud for malware’

Image: D3Damon via iStock

Most companies have not inspected their cloud services for malware, a new study has revealed.

The study, by security firm Netskope and the Ponemon Institute, revealed that as cloud services usage – and the risk that comes with it – increases, businesses still lack visibility into data breaches.

The ‘Cloud Malware and Data Breaches: 2016 Study’ found that the majority of enterprises (48 per cent) do not inspect their cloud services for malware. A further 12 per cent said they were unsure if they inspect for malware. This is despite the fact that 39 per cent of respondents have experienced a malware attack in the last year.

The findings also reveal that of the organisations that do inspect the cloud, 57 per cent of respondents actually found malware.

While survey respondents do understand the risk of data breaches, according to the study nearly one-quarter could not determine if they had been breached, and nearly one-third couldn't determine what types of data were then lost.

Sanjay Beri, founder and chief executive of Netskope, said: “These data confirm that while cloud adoption is very much on the rise, organisations still lack confidence in the cloud's ability to protect sensitive information.

"With the rise of cloud threats like accidental data exposure, malware and ransomware aimed at exfiltrating data and extracting financial gain from sensitive data, IT teams need more robust intelligence, protection, and remediation to protect their data from breach or loss."

For companies that did experience a data breach in the last year (31 per cent), 48 per cent said it was because a user intentionally or accidentally exposed data from a cloud service. However, one-quarter don't have any idea how the breach occurred, and 30 per cent could not determine what data was lost or stolen.