Proofpoint, a leading cybersecurity and compliance company, has announced the release of its latest study, Cloud and Web Security Challenges in 2022, in collaboration with The Cloud Security Alliance (CSA). The commissioned study queried more than 950 Information Technology and security professionals from various organisation sizes and locations to better understand the industry’s knowledge, attitudes and opinions regarding cloud and web-delivered threats. The results reveal that organisations are struggling to sufficiently secure new cloud environments implemented during the pandemic, while maintaining legacy equipment and trying to adapt their overall security strategy to the evolving landscape.
“In the wake of COVID-19, organisations substantially accelerated their Digital Transformation initiatives to accommodate a remote workforce,” said Hillary Baron, Lead Author and Research Analyst at CSA, a world leading organisation in defining standards, certifications and best practices to help ensure a secure cloud computing environment.
“While these initiatives strive towards improving worker productivity, product quality, or other business objectives, there are unintended consequences and challenges because of the large-scale structural changes required. One of those challenges is developing a cohesive approach to cloud and web threats while managing legacy and on-premises security infrastructure.”
As organisations continue to migrate to the cloud, reliance on third parties and partners increases, which in turn exacerbates the risk of threats through the supply chain. The Cloud and Web Security Challenges in 2022 study shows that 81% of responding organisations are moderately to highly concerned about risks surrounding suppliers and partners, with almost half (48%) specifically concerned about potential data loss as a result of such risks. This high level of concern is entirely warranted as 58% of organisations indicated that third parties and suppliers were the target of a cloud-based breach in 2021.
The study reveals that defending data is rightfully a top concern for businesses, with 47% listing ‘sensitive data loss’ as their most concerning outcome of cloud and web attacks. The specific types of data organisations are most concerned with are customer data, credentials and intellectual property. Almost half (43%) of organisations listed protecting customer data as their primary cloud and web security objective for 2022. Despite this, only one-third (36%) of the organisations surveyed have a dedicated Data Loss Prevention (DLP) solution in place.
“As organisations adopt cloud infrastructures to support their remote and hybrid work environments, they must not forget that people are the new perimeter,” said Mayank Choudhary, Executive Vice President and General Manager of Information Protection, Cloud Security and Compliance for Proofpoint. “It is an organisation’s responsibility to properly train and educate employees and stakeholders on how to identify, resist and report attacks before damage is done.
“Cultivating a culture of security within and around your organisation coupled with the use of multiple streamlined solutions is critical to effectively protect people against cloud and web threats and defend organisational data.”