Bitglass, the Next-Gen CASB company, today announced the findings
of its "Cloud Hard 2018: Security with a Vengeance" Report, which features
survey insights from over 570 cybersecurity and IT professionals on their
approach to cloud security. Visibility and compliance challenges continue to
haunt organizations, with 44 percent of respondents claiming they have
visibility into external sharing and DLP policy violations in their cloud
application and environments. More shocking was the fact that 85 percent of
organizations acknowledged they were unable to identify anomalous behavior
across cloud applications.
The cloud security market is growing in large
part because traditional security infrastructure has failed. Where next-gen firewalls
and built-in capabilities are insufficient for regulatory compliance, internal
compliance, and cloud data protection, dedicated cloud security becomes
critical. Specifically, 84 percent of respondents say traditional security
solutions don't work or have limited functionality in the cloud.
"Cloud security is here to stay as is evident
by the concerns and challenges survey respondents highlighted," said Bitglass
CMO Rich Campagna. "Enterprise security teams are concerned about the
next-generation of cloud threats that pose a risk to corporate data. There has
already been immense progress in the past five years as security personnel come
to the realization that legacy security tools and processes are not enough to
secure their ever-changing ecosystem."
When asked about biggest security threats to
their organization, most cited misconfigurations (62 percent) similar to the
numerous AWS S3 leaks over the past year, followed by unauthorized access (55
percent). 39 percent said external sharing was the most critical threat while
26 percent highlighted malware and ransomware.
Key Report Highlights:
- Less
than half (44%) have visibility into external sharing and DLP policy
violations.
- Only 15%
of organizations surveyed can see anomalous behavior across apps.
- While
78% have visibility into user logins, only 58% have visibility into file
downloads and 56% into file uploads.
- To
protect mobile data, 38% of organizations install agents and 24% use a
trusted device model, where only provisioned corporate-owned devices are
allowed access to company systems.
- 11% have
no mobile access control solution in place, granting access to any
smartphone or tablet.
- 69% of
organizations rely solely on endpoint solutions for malware protection,
tools which cannot detect or block malware at rest in the cloud or
employees' BYO devices.
For more findings and to view the complete
report, please visit: https://pages.bitglass.com/CloudHard_LP.html