Cloud Resources Have Become the Primary Target of Cyberattacks
July 25, 2024
By Melisa Osores, Managing Editor for Latin America at Computer Weekly
Originally published in Computer Weekly
According to research by Thales, 44% of all organizations have experienced a cloud data breach, and nearly half (47%) of corporate data stored in the cloud is sensitive data.
As cloud use remains strategically vital for many organizations, cloud resources have become the primary target of cyberattacks, with 31% of attacks prioritizing SaaS applications, 30% cloud storage, and 26% cloud management infrastructure. As a result, protecting cloud environments has become the top security priority, ahead of all other security disciplines. These numbers were presented in the Thales “2024 Cloud Security Study,” which was based on a survey of almost 3,000 IT and security professionals in 18 countries across 37 industries.
(Free access, no subscription required)
The study showed that organizations continue to face cloud data breaches: 44% reported having experienced a cloud data breach, and 14% reported a breach in the past 12 months. Human error and misconfiguration remain the leading causes of these breaches (31%), ahead of known vulnerability exploits (28%) and failure to implement multi-factor authentication (17%).
The growing use of the cloud in enterprises has increased the potential attack surface for malicious actors, as 66% of organizations use more than 25 SaaS applications and nearly half (47%) of data in the cloud is sensitive. Despite increasing risks to sensitive cloud data, encryption rates remain low, with less than 10% of enterprises encrypting 80% or more of their cloud data.
“The scalability and flexibility offered by the cloud are extremely attractive to organizations, so it is no surprise that it is a fundamental element of their security strategies. However, as the cloud attack surface expands, organizations must get a firm grasp on the data they have stored in the cloud, the keys they are using to encrypt it, and the ability to have complete visibility into who is accessing the data and how it is being used. Solving these challenges now is vital, especially considering that data sovereignty and privacy emerged as top concerns in this year’s study,” said Sebastien Cano, Senior Vice President of Thales Cloud Protection and Licensing.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of LACNIC.