Evolving Cybersecurity Threats on Cloud Must be Understood and Managed: Symantec Report
Cloud has been not well acknowledged and understood by the industry. Enterprises of almost every class including small and mid-sized are adopting cloud and transforming their style of work. In today’s context, in most used cases, cloud computing is running the whole business. It has become a new way of getting the business essential things done.
Cybersecurity among SMEs
However, the cybersecurity threats become even more challenging in the case of MSMEs(Micro, Small & Medium Enterprises). The technology dependency is growing with equal pace among MSMEs and SMEs, but the skillset for technology management is not moving ahead with the same pace. This situation makes the entire cybersecurity landscape highly vulnerable among small business segment.
But this dynamic digital transformation also brings with it a serious set of cybersecurity challenges, including a lack of visibility into corporate infrastructure, the difficulty of protecting complex, heterogeneous IT environments, and a growing number of attack surfaces. Cybersecurity players are observing such developments closely. One such global major name is Symantec, and it time-to-time issues reports and alerts that explains the situation of cyber threats.
Cybersecurity Threats on Cloud
The scope of shadow IT and shadow data usage, and to gauge the maturity of security practices as enterprises transition to the cloud.
We found that the complexity in the way the cloud is used creates serious visibility problems for IT. Tracking these cloud workloads is a universally recognized problem. Ninety-three per cent of survey respondents reports they have issues keeping tabs on all their cloud workloads. And the problem will continue to grow rapidly.
ALSO READ: Cybersecurity Among SMEs
Most IT and SecOps organizations are underestimating the amount of cloud in use and it’s growth rate. According to the survey, the average organization believes its employees are using 452 cloud apps. However, according to Symantec’s own data, the actual number of shadow IT apps in use per organization is nearly four times higher, 1,807. The survey found cloud app deployment increased 16 per cent over the past 12 months and is expected to surge 22 per cent in the next year. Given the significant underestimation of apps in use coupled with the rapid growth rate, organizations are facing a mounting challenge to secure their migration to the cloud.
Oversharing cloud files containing sensitive and compliance-related data was cited as a problem by 93 per cent of respondents. Additionally, according to the survey, respondents are underestimating the risks associated with compromised accounts by a factor of 8.
The survey also found companies aren’t able to adapt their security to their increasing cloud use. More than half of respondents (54 per cent) say their organization’s cloud security hasn’t been able to keep up with the expansion of their use of new cloud apps.
Because of organizations’ immaturity in cloud security, enterprises often underestimate the scale and complexity of cloud attacks. The survey found DDOS attacks and cloud malware injections are the three most commonly investigated cloud security incidents. And while they struggle with stopping data breaches, internal Symantec data also indicates that unauthorized access threats account for the bulk of such incidents (64 per cent.) That shows that organizations’ security culture and behaviour are struggling to keep pace with the shift to the cloud. Indeed, Symantec internal data shows that 85 per cent of companies is not using the best cloud security practices as outlined by the Center for Internet Security.
The Recommended Roadmap Ahead
The cloud is the centre of IT and increasingly, the foundation for cybersecurity. Understanding how threat vectors are shifting in the cloud is fundamental to making the necessary updates to your security program and strategy. Symantec’s Cloud Security Threat Report shines a light on how to secure the digitally transformed, virtual organization of today and tomorrow.