Traditional cloud security isn’t up to the task
In the last year, 47% of all data breaches originated in the cloud, and more than 6 in 10 respondents believe cloud security is lacking and poses a severe risk to their business operations, according to Illumio.
The average organization who suffered a cloud breach last year lost nearly $4.1 million, yet 26% are operating under the assumption that breaches are not inevitable, posing serious risks to the business and its customers.
97% believe Zero Trust Segmentation (ZTS) can greatly improve their organization’s cloud security strategy because it improves digital trust (61%), ensures business continuity (59%), and bolsters cyber resilience (61%).
Securing sensitive data in the cloud
As organizations take their most sensitive data to the cloud, they face increased complexity and risk. 98% of organizations store their most sensitive data in the cloud, including financial information, business intelligence, and customer or employee personally identifiable information (PII). Yet, over 9 in 10 are concerned that unnecessary or unauthorized connectivity between cloud services increases their likelihood of a breach.
According to the research, the main threats to organizations’ cloud security are: workloads and data overlapping traditional boundaries (43%); a lack of understanding of the division of responsibility between cloud providers and vendors (41%); social engineering attacks (36%); a lack of visibility across multi-cloud deployments (32%); and rising malware and ransomware attacks (3%).
Respondents overwhelmingly believe their organization’s current approach to cloud security creates severe risks: 95% say they need better visibility of connectivity with third party software. This lack of visibility is impacting organizations’ ability to respond to attacks, with 95% saying they need to improve their reaction time to cloud breaches.
Respondents worry about the business repercussions of a cloud breach – their top three concerns being: reputational damage and loss of public trust (39%); loss of sensitive data (36%); and a loss of revenue generating services (35%).
Asset segmentation in cloud security
93% of IT and security decision makers believe that segmentation of critical assets is a necessary step to secure cloud-based projects. Additionally, organizations with dedicated microsegmentation technology were less likely to have suffered a cloud breach in the last year (35%) than those without it (43%).
And ZTS addresses organizations’ visibility and security concerns by: continuously monitoring the connectivity between cloud applications, data, and workloads (55%); minimizing the reach and impact of an attack by containing its spread (51%); and offering insights into unnecessary connectivity that could be leading to increased vulnerability (45%).
“Because cloud environments are dynamic and interconnected, they’re increasingly challenging for security teams to navigate with legacy solutions,” said John Kindervag, Chief Evangelist at Illumio. “Organizations need modern security approaches that offer them real-time visibility and containment by default to mitigate risk and optimize opportunities afforded by the cloud. I’m optimistic that nearly every security team is prioritizing improving cloud security in the months ahead, and that they see solutions like ZTS as an essential piece of their Zero Trust journey.”