Illumio: Nearly half of data breaches originate in the cloud

Illumio has released a new report suggesting that Zero Trust Segmentation (ZTS) is essential for cloud security.

The company has today released the Cloud Security Index: Redefine Cloud Security with Zero Trust Segmentation, which presents the findings of global research into the current state of cloud security, the impact of cloud breaches and why traditional cloud security technologies fail to keep organisations secure in the cloud. 

1,600 IT and security decision makers across nine countries were surveyed and it was uncovered that cloud risks are only getting worse, with Illumio suggesting that ZTS could be essential for the modern cybersecurity landscape. 

Traditional cloud security is ‘failing’ the modern enterprise

Illumio’s key findings from the report highlight that 47% of all data breaches originated in the cloud, with more than 6 in 10 respondents believing that cloud security is lacking. This ultimately poses a large risk to business operations.

In addition, the report found that cloud breaches cost organisations on average US$4.1m, yet 26% of businesses are operating under the assumption that breaches are not inevitable - an attitude that is quickly becoming outdated, as highlighted by Illumio.

Illumio has noted that 98% of organisations store their most sensitive data in the cloud, including financial information, business intelligence and customer or employee personally identifiable information (PII). However, as businesses increasingly rely on the cloud to house their sensitive data, there are inevitably risks, with 9 in 10 concerned that unnecessary or unauthorised connectivity between cloud services increases their likelihood of a breach.

According to the research, the main threats to organisations’ cloud security are: Workloads and data overlapping traditional boundaries (43%), a lack of understanding of the division of responsibility between cloud providers and vendors (41%), social engineering attacks (36%), a lack of visibility across multi-cloud deployments (32%) and rising malware and ransomware attacks (32%).

The report highlights an overwhelming belief that the current enterprise approach to cloud security is creating severe risks, with 95% saying they need better visibility of connectivity with third party software. 

Workforce calls for better software visibility

The existing lack of visibility is impacting organisations' ability to respond to attacks, according to Illumio, with 95% saying they need to improve their reaction time to cloud breaches. Industry decision makers are also worried about the business repercussions of a cloud breach, with the top concerns being reputational damage and loss of public trust (39%), loss of sensitive data (36%) and a loss of revenue generating services (35%).

The report highlights that ZTS should be non-negotiable for businesses when it comes to cloud security. ZTS strategies aim to address visibility and security concerns by continuously monitoring the connectivity between cloud applications, data, and workloads, minimising the reach and impact of an attack by containing its spread and offering insights into unnecessary connectivity that could be leading to increased vulnerability.

Organisations need up-to-date security measures that can offer real-time visibility to better mitigate risk, as well as optimise cloud opportunities. Speaking on how to achieve better cloud security measures, Raghu Nandakumara, Head of Industry Solutions at Illumio, told Cyber Magazine: “Most organisations now host sensitive data and applications in the cloud, making cloud environments an increasingly prime target for attacks. Yet, current cloud security solutions are proving to be inadequate in safeguarding against cyber threats. 

“Businesses are left struggling with the complexity of applications and workloads, the multitude of services offered by cloud providers, and poor visibility. These ever-increasing complexities mean that organisations are only ever one security misconfiguration away from a serious breach.

He continues: “In simple terms, the cloud environment is dynamic, but current security tools are not. This makes it time consuming for IT teams to protect applications in real-time, as well as difficult to deliver consistent security policy across hybrid environments.  Zero Trust Segmentation solves this problem by taking a context-based approach to security policy definition.

“With Zero Trust Segmentation, organisations can understand which assets and applications they have running in the cloud, and more importantly, how they interact with each other and outside of the cloud.  This is critical for achieving digital trust, business continuity, and cyber resilience and reducing the impact of cloud breaches.”

******

For more insights into the world of Cyber - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - Technology Magazine | AI Magazine.

Please also check out our upcoming event - Net Zero LIVE on 6 and 7 March 2024.  

******

BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.

BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.