Most businesses are worried about the current state of their public cloud security, with 70% admitting they have experienced a breach over the past year, including 93% in India, where this figure is highest worldwide. Companies that used more than one public cloud platform reported more security incidents than their peers that used only one platform.
In addition, system misconfigurations enabled 66% of cyber attacks either because attackers were able to exploit a misconfigured system or tap flaws in the firewall applications to steal credentials of cloud provider accounts. Data loss or leak was the biggest security concern, with 44% of organisations pointing to this as a top focus area, according to Sophos’ State of Cloud Security 2020 study.
Conducted by Vanson Bourne, the survey polled 3,521 IT managers across 26 markets including 158 in Singapore, 227 in India, 162 in China, 148 in Australia, 126 in Japan, 191 in the UK, and 413 in the US. These respondents used services from at least one of the following public cloud providers: Amazon Web Services (AWS) and VMware Cloud on AWS, Microsoft Azure, Alibaba Cloud, and Oracle Cloud. They also might have used Google Cloud and IBM Cloud.
The study revealed that all respondents in Singapore expressed concerns about the current state of their cloud security, with 51% citing the need to identify and respond to security incidents as a top security concern, while another 50% pointed to data leaks. Some 71% in the city-state had experienced a public cloud security breach in the past year, including 66% who encountered ransomware and other malware and 30% who reported data leaks. Some 19% uncovered accounts that were compromised while 13% reported cryptojacking.
Worldwide, 96% were concerned about the current level of their public cloud security, according to the report. Amongst the 70% that experienced a security breach, half suffered some form of malware.
India, where 93% reported a public cloud-related breach, also saw the highest number of stolen cloud account credentials at 48% and the highest number of reported cryptojacking attacks at 36%. This was despite 92% of respondents stating they had complete visibility of all their cloud assets.
Sophos noted this reflected a lack of comprehensive cyber hygiene, which resulted in weaknesses in cloud security configurations and left organisations vulnerable to attacks.
The security vendor added that Asia-Pacific saw the highest proportion of attacks, with 37% experiencing ransomware attacks and 35% reporting compromised data. Europe, on the other hand, experienced the lowest proportion of security breaches, which Sophos attributed to the region’s implementation of GDPR (General Data Protection Regulation).
Europe reported the lowest rates of malware infections at an average 29%, while 24% experienced data leaks and 22% encountered ransomware attacks.
Amongst their top cloud security concerns, globally, 41% cited the ability to identify and respond to security incidents, while 28% pointed to having to manage multiple cloud service providers.
Some 73% of companies were operating multi-vendor public cloud environments and, the survey revealed, also reported up to twice as many security incidents as their peers that ran single cloud platforms. For instance, 39% of those running multi-cloud environments experienced malware, compared to 21% that operated a single cloud environment. Another 34% with multi-cloud platforms reported data leaks, compared to 14% that ran single cloud environments.
And while half of those that operated a single cloud platform did not experience any security breach, just 22% of those running multi-cloud environments said likewise.
Sophos’ principal research scientist Chester Wisniewski said: “The recent increase in remote working provides extra motivation to disable cloud infrastructure that is being relied on more than ever, so it’s worrisome that many organisations still don’t understand their responsibility in securing cloud data and workloads. Cloud security is a shared responsibility and organisations need to carefully manage and monitor cloud environments in order to stay one step ahead of determined attackers.”