Survey: More than half of organizations that store customer data in the cloud had security incidents in 2020
Netwrix, a cybersecurity vendor that makes data security easy, today announced the release of its global 2021 Netwrix Cloud Data Security Report. The report reveals that over half (54%) of organizations that store customer data in the cloud had security incidents in 2020. As a result, as many as 62% of organizations plan to remove sensitive data from the cloud or have already done so to improve their data security.
The survey found that the most common types of cloud security incidents in 2020 were phishing (reported by 40% of organizations), ransomware or other malware (24%), and accidental data leakage (17%). Over half of respondents stated that these incidents required obtaining extra budget to address associated security gaps.
Data theft scenarios did considerable damage to business in other ways as well. Incidents involving insider data theft negatively impacted company valuation for 33% of organizations, while data theft by hackers led to customer churn and loss of competitive edge (35% each).
The top data security challenges named by respondents were lack of IT staff (52%), lack of budget (47%) and lack of cloud security expertise (44%). Interestingly, 48% of CISOs noted that the organization’s desire for growth hinders efforts to ensure proper data security in the cloud.
The most popular cloud security controls that organizations already have in their arsenal are encryption (62%), auditing of user activity (58%) and employee training (58%). Also, the majority of respondents either already classify sensitive data in the cloud (49%) or plan to implement this control in the future (31%).
Other survey findings include:
- Every tenth large enterprise (1,000+ employees) that suffered a cloud data breach changed their senior leadership as a result.
- 5% of respondents who experienced cloud data theft by hackers needed years to detect it; this was the only type of incident that took that long to spot.
- Organizations that both classify data and audit user activity are 1.5 times more likely to discover incidents in the cloud in mere minutes.
The top three challenges organizations face in securing data in the cloud are lack of staff, financial resources and expertise. These hardships force security teams to operate in the ‘new day, new breach’ reality. To identify, detect and protect against threats in the cloud continuously, organizations should invest in solutions that help prioritize risks and automate security routines, such as tools that provide data discovery, activity auditing and alerting. That way, security teams can better manage risks, respond to the attacks promptly and minimize negative business outcomes.
Ilia Sotnikov, VP of Product Management at Netwrix
The 2021 Netwrix Cloud Data Security Report is based on feedback from 937 IT professionals worldwide who use private and public cloud services to store their data. To get the complete findings, please visit: www.netwrix.com/2021_cloud_data_security_report.html
Netwrix makes data security easy. Since 2006, Netwrix solutions have been simplifying the lives of security professionals by enabling them to identify and protect sensitive data to reduce the risk of a breach, and to detect, respond to and recover from attacks, limiting their impact. More than 13,000 organizations worldwide rely on Netwrix solutions to strengthen their security and compliance posture across all three primary attack vectors: data, identity and infrastructure.
For more information, visit www.netwrix.com.
Your questions and feedback are always welcome. Please dial our toll-free number: 888 - 638 - 9749, or enter your question details here and we will reply as soon as possible.
Erin Jones, Avista PR for Netwrix
Phone: 704 - 664 - 2170