Cloud Security Report: companies struggle to secure cloud effectively

28/06/2023
165

Cybersecurity specialists overwhelmed by amount of dashboards and notifications from tools
76 per cent of organisations are very or very concerned about cloud security
Check Point Software Technologies Ltd (NASDAQ: CHKP), leading provider of cyber security solutions, in collaboration with research firm Cybersecurity Insiders, has released the Cloud Security Report 2023. The report shows that while businesses rely on the cloud to enable scalability and flexibility, they struggle to secure it effectively. 26 per cent of companies have 20 or more security policies in place, leading to alert fatigue. This hampers the ability of teams to effectively counter high-risk incidents. Misconfiguration is the top cloud security concern at 59 per cent.

Larger threat surface
Companies are rapidly expanding their cloud environment. 58 per cent expect to store more than 50 per cent of their workload in the cloud within the next 12 to 18 months. However, the survey points to a pressing problem: 72 per cent of respondents struggle with managing access to multiple security solutions, leading to confusion and also compromising cloud management security. The increasing complexity of understanding and protecting the cloud's threat surface, leading to vulnerabilities, has become a major concern for IT leaders. Malicious actors are capitalising on these challenges: Check Point Research saw a 48 per cent increase in cloud-based network attacks in 2022 compared to the previous year.

Confusing security policies
Security policies are the cornerstone of any effective cloud security strategy. Without proper policy procedures, organisations are vulnerable as security incidents become more frequent and complex.

The survey shows that organisations have implemented different technologies and strategies to manage their complex cloud environments. However, the complexity and lack of visibility and control lead to confusion. The survey shows that a significant proportion of respondents (70 per cent) have six or more security policies in place. An alarming 26 per cent even have 20 or more security policies in place.

Moreover, managing security alerts is essential for rapid incident response. Cybersecurity professionals revealed that they get overwhelmed by alerts from multiple disparate tools. 40 per cent said security alerts they receive become overwhelming when working with 4-6 security tools. This alert fatigue causes confusion, bottlenecks and blind spots, ultimately delaying recovery from serious threats.

The key findings from the Cloud Security Report 2023 are:

Biggest challenges: misconfiguration of cloud platforms or incorrect settings (59 per cent) is the top security threat, followed by inadvertent and/or unauthorised leakage of sensitive data (51 per cent), insecure interfaces/APIs (51 per cent) and unauthorised access (49 per cent).

Cloud security incidents: 24 per cent have experienced a public cloud-related security incident in the past 12 months, with misconfigurations, account compromises and exploited vulnerabilities being the most common types of incidents.

Cloud configuration and security policy management: 62 per cent of organisations use cloud-native tools for configuration management, 29 per cent rely on dedicated Cloud Security Posture Management Solutions (CSPM).

DevSecOps, CIEM and Unified Security Management: 37 per cent of respondents have embraced DevSecOps in certain parts of their organisation, while 19 per cent have implemented a comprehensive programme.

Recent

HubSpot launches first free tool for AI search optimisation

29% of European employees believe AI can be a better boss than a human

Zonneplan, Tibber and Budget Energie best dynamic energy suppliers according to Keuze.nl research

PQR wins HPE Award for Solution Provider in North West Europe

© Dutch Tech On Heels - 2024
Made with
Web Wings