Survey: More than half of organizations that store customer data in the cloud had security incidents in 2020
Netwrix, a cybersecurity vendor that makes data security easy, today announced the release of its global 2021 Netwrix Cloud Data Security Report. The report reveals that over half (54%) of organizations that store customer data in the cloud had security incidents in 2020. As a result, as many as 62% of organizations plan to remove sensitive data from the cloud or have already done so to improve their data security.
The survey found that the most common types of cloud security incidents in 2020 were phishing (reported by 40% of organizations), ransomware or other malware (24%), and accidental data leakage (17%). Over half of respondents stated that these incidents required obtaining extra budget to address associated security gaps.
Data theft scenarios did considerable damage to business in other ways as well. Incidents involving insider data theft negatively impacted company valuation for 33% of organizations, while data theft by hackers led to customer churn and loss of competitive edge (35% each).
The top data security challenges named by respondents were lack of IT staff (52%), lack of budget (47%) and lack of cloud security expertise (44%). Interestingly, 48% of CISOs noted that the organization’s desire for growth hinders efforts to ensure proper data security in the cloud.
The most popular cloud security controls that organizations already have in their arsenal are encryption (62%), auditing of user activity (58%) and employee training (58%). Also, the majority of respondents either already classify sensitive data in the cloud (49%) or plan to implement this control in the future (31%).
Other survey findings include:
- Every tenth large enterprise (1,000+ employees) that suffered a cloud data breach changed their senior leadership as a result.
- 5% of respondents who experienced cloud data theft by hackers needed years to detect it; this was the only type of incident that took that long to spot.
- Organizations that both classify data and audit user activity are 1.5 times more likely to discover incidents in the cloud in mere minutes.
The top three challenges organizations face in securing data in the cloud are lack of staff, financial resources and expertise. These hardships force security teams to operate in the ‘new day, new breach’ reality. To identify, detect and protect against threats in the cloud continuously, organizations should invest in solutions that help prioritize risks and automate security routines, such as tools that provide data discovery, activity auditing and alerting. That way, security teams can better manage risks, respond to the attacks promptly and minimize negative business outcomes.
Ilia Sotnikov, VP of Product Management at Netwrix
The 2021 Netwrix Cloud Data Security Report is based on feedback from 937 IT professionals worldwide who use private and public cloud services to store their data. To get the complete findings, please visit: www.netwrix.com/2021_cloud_data_security_report.html
Netwrix is reinventing data security based on the premise that data security and identity security cannot work in isolation. The Netwrix 1Secure platform provides security teams with clear visibility into who has access to sensitive information, enabling them to safeguard those identities, strengthen data protection, and stay ahead of evolving threats. Netwrix offers a comprehensive set of solutions that protect identities and data for over 13,500 organizations globally. Netwrix AI and flexible deployment options make it easier, faster, and more economical than ever for security teams to investigate and remediate threats. Netwrix: Data security that starts with identity.
For more information, visit www.netwrix.com.
Your questions and feedback are always welcome. Please dial our toll-free number: 888 - 638 - 9749, or enter your question details here and we will reply as soon as possible.
Erin Jones, Avista PR for Netwrix
Phone: 704 - 664 - 2170