CAMPBELL, CA – April 11, 2018 – Bitglass, the Next-Gen CASB company, today announced the findings of its “Cloud Hard 2018: Security with a Vengeance” Report, which features survey insights from over 570 cybersecurity and IT professionals on their approach to cloud security. Visibility and compliance challenges continue to haunt organisations, with 44 percent of respondents claiming they have visibility into external sharing and DLP policy violations in their cloud application and environments. More shocking was the fact that 85 percent of organisations acknowledged they were unable to identify anomalous behaviour across cloud applications.
The cloud security market is growing in large part because traditional security infrastructure has failed. Where next-gen firewalls and built-in capabilities are insufficient for regulatory compliance, internal compliance, and cloud data protection, dedicated cloud security becomes critical. Specifically, 84 percent of respondents say traditional security solutions don’t work or have limited functionality in the cloud.
“Cloud security is here to stay as is evident by the concerns and challenges survey respondents highlighted,” said Bitglass CMO Rich Campagna. “Enterprise security teams are concerned about the next-generation of cloud threats that pose a risk to corporate data. There has already been immense progress in the past five years as security personnel come to the realisation that legacy security tools and processes are not enough to secure their ever-changing ecosystem.”
When asked about biggest security threats to their organisation, most cited misconfigurations (62 percent) similar to the numerous AWS S3 leaks over the past year, followed by unauthorised access (55 percent). 39 percent said external sharing was the most critical threat while 26 percent highlighted malware and ransomware.
Key Report Highlights:
- Less than half (44%) have visibility into external sharing and DLP policy violations.
- Only 15% of organisations surveyed can see anomalous behaviour across apps.
- While 78% have visibility into user logins, only 58% have visibility into file downloads and 56% into file uploads.
- To protect mobile data, 38% of organisations install agents and 24% use a trusted device model, where only provisioned corporate-owned devices are allowed access to company systems.
- 11% have no mobile access control solution in place, granting access to any smartphone or tablet.
- 69% of organisations rely solely on endpoint solutions for malware protection, tools which cannot detect or block malware at rest in the cloud or employees’ BYO devices.
For more findings and to view the complete report, please visit: https://pages.bitglass.com/CloudHard_LP.html
Bitglass, the Next-Gen CASB company, is based in Silicon Valley with offices worldwide. The company's cloud security solutions deliver zero-day, agentless, data and threat protection for any app, any device, anywhere. Bitglass is backed by Tier 1 investors and was founded in 2013 by a team of industry veterans with a proven track record of innovation and execution.
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.