Cloud account takeovers present serious security risk to enterprises
Cloud account compromises cost organisations millions of dollars every year, with many IT professionals stating takeovers are a significant risk to their organisations.
Proofpoint and Ponemon Institute have released the results of a new study on ‘The Cost of Cloud Compromise and Shadow IT’.
According to the study, the average cost of cloud account compromises reached $6.2 million over a 12-month period.
In addition, 68% of these survey respondents believe cloud account takeovers present a significant security risk to their organisations, with more than half indicating the frequency and severity of cloud account compromises has increased over the last 12 months.
Less than half (44%) of survey respondents believe their organisations have established clearly defined roles and accountability for safeguarding confidential or sensitive information in the cloud.
Risks are also magnified as fewer than 40% of respondents say their organisations are vigilant in conducting cloud app assessments before deployment.
The survey also found that cloud account compromises are costly incidents and present a significant security risk.
According to 86% of respondents, the annual cost of cloud account compromises is over $500,000. Survey respondents also reported 64 cloud account compromises per year on average, with 30% exposing sensitive data.
Nearly 60% of respondents indicated Microsoft 365 and Google Workspace accounts are heavily targeted by brute force and phishing-based cloud attacks. Overall, over 50% of respondents say phishing is the most frequent method attackers use to acquire legitimate cloud credentials.
In addition, the survey highlights that shadow IT is creating substantial risks for organisations.
In fact, 75% of respondents say the use of cloud apps and services without the approval of IT is a serious security risk.
Additional practices also increased risks including the move to the cloud and mobile workforce (72%) and cloud-based collaboration/messaging tools for sharing sensitive or confidential files (70%).
Finally, the survey finds that strong authentication and adaptive access controls are essential in securing admission to cloud resources.
More than 70% of respondents supported multiple identity federation standards, including SAML, and controlling strong authentication prior to accessing data and applications in the cloud.
61% agreed adaptive access controls to protect users most at risk are essential.
Ponemon Institute chairman and founder Dr. Larry Ponemon says, “This research illustrates that leaving SaaS security in the hands of end-users or lines of business can be quite costly.
"Cloud account compromises and sensitive information loss can disrupt business, damage brand reputation, and cost organisations millions annually.”
Proofpoint vice president of product marketing Tim Choi says, “SaaS security simply cannot be an afterthought given the high cost of cloud account compromise and today’s heightened hybrid working environment.
"The move to the cloud and increased collaboration requires a people-centric security strategy backed by a cloud access security broker (CASB) solution that is integrated with a larger cloud, email, and endpoint security portfolio.
"Such an approach effectively addresses concerns like cloud account compromise, unauthorised access to cloud data, and cloud application governance.
"Organisations need clearly defined roles, established accountability, and a CASB solution that can be operationalised in hours - not weeks.”