Virtualization Technology News and Information
Article
RSS
Grip Security Releases 2025 SaaS Security Risks Report: Reveals 90% of SaaS Applications and 91% of AI Tools are Unmanaged
Grip Security released its research report, "2025 SaaS Security Risks." The report reveals that traditional security measures are no longer sufficient to address the growing risks from unmanaged SaaS applications and user accounts. Alarmingly, 90% of SaaS applications and 91% of AI tools within organizations remain unmanaged, underscoring a widespread vulnerability that continues to grow.

As SaaS reliance expands, Grip's research highlights the limitations of traditional security strategies in combating the "SaaS risk creep" - the gradual increase of vulnerabilities from unmanaged applications and their associated accounts. Key findings from the report include:

  • The number of SaaS applications used in an enterprise increased by 40% over the last two years
  • SaaS applications per employee have steadily risen, marking an 85% increase in number of accounts per user
  • 73% of provisioned users never use their SaaS application license
  • ChatGPT was found in 96% of analyzed organizations, and usage has increased 24x since its launch
  • 42% of popular AI applications have SAML capabilities, but 80% of these apps are not managed and federated with the SAML protocol

"The sheer volume of unmanaged SaaS apps and AI tools we found in organizations shows the large gap between perceived and actual security," said Lior Yaari, co-founder and CEO of Grip Security. "Businesses need real-time visibility into these applications and a risk governance program to manage their risks to stay ahead of the curve."

The Growing Challenges of Shadow SaaS
A major concern highlighted in the report is the rise of Shadow SaaS and Shadow AI-applications used without IT's visibility or control. These applications put organizations at risk of data breaches, non-compliance issues, operational inefficiencies and confidential information leaks. As Gartner projects that by 2027, 75% of employees will use technologies outside IT's oversight, organizations must rethink their SaaS security strategies to address the growing risk of unmanaged applications.

Despite billions spent on addressing SaaS-related risks, existing security solutions like CASBs have proven inadequate. These tools fail to keep up with the complexities of modern SaaS environments, generating excessive data noise and false positives that hinder security teams from focusing on real threats.

"As SaaS continues to grow, businesses can't afford to rely on outdated tools. A holistic, identity-driven approach is now critical to ensure SaaS security and risk management," added Yaari. "The consequences of inaction are too severe-it's time for enterprises to address this risk proactively and rethink their security strategies to match the speed of SaaS adoption."

Need for a New Approach
Today's SaaS-reliant organizations urgently need to move beyond traditional security tools. As highlighted by industry experts, business-led IT is driving much of this growth. As a result, responsibility for managing SaaS risks can no longer fall solely on IT and security teams-it requires collaboration across departments, including business app owners and end users, to effectively manage SaaS risks at scale. A flexible, identity-centric approach that empowers employees while controlling risk is the only way forward in this evolving landscape.

Without this shift, organizations will remain vulnerable to security breaches. High-profile incidents like those at Snowflake and Microsoft demonstrate the dangers of unmanaged SaaS environments, Shadow SaaS and dangling access. Companies that proactively adjust to these evolving SaaS trends will be better equipped to protect sensitive data, ensure compliance, optimize financial resources and foster innovation while minimizing associated risks.

Published Wednesday, October 23, 2024 11:40 AM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<October 2024>
SuMoTuWeThFrSa
293012345
6789101112
13141516171819
20212223242526
272829303112
3456789