Infographic Adapting to the New Reality of Evolving Cloud Threats
The shift to the cloud has challenged existing security strategies. Businesses need something new to help them stay ahead of the curve.
By Insight Editor / 26 Aug 2019
By Insight Editor / 26 Aug 2019
Old security systems can’t keep up with the pace of cloud adoption, leaving vital business data open to increasingly complex threats. In this infographic, learn how businesses can build an effective cloud security strategy.
Accessibility note: The infographic is translated below the graphic.
Infographic text included for screen readers:
Today’s cloud migration is challenging existing security paradigms, leaving organizations scrambling to keep up. To maintain visibility and control, companies need new and automated cloud-based security solutions as well as the skill sets and processes to effectively manage them.
According to 1.250 security decision-makers Symantec surveyed worldwide in Spring 2019, the average organization believes its employees are using 452 cloud apps. However, according to Symantec’s own data, the actual number of shadow IT apps in use per organization is nearly four times higher, at 1,807.
Cloud IS the business now.
This is where mission-critical workloads, data and business functions are now taking place. Security must follow.
53% of all compute workload has now been migrated to the cloud according to the external study.
Security can’t keep up.
Cloud adoption is moving too fast and enterprises are struggling to manage increased complexity and loss of control.
54% agree that their organization’s cloud security maturity is not able to keep up with the rapid expansion of new cloud apps.
The complexity in how IT is deployed (public cloud, private cloud, hybrid, on-premises) is creating visibility problems for IT.
93% report issues keeping tabs on all cloud workloads.
Loss of control
Cloud makes it easy to lose control of the data.
93% have a problem oversharing cloud files containing sensitive data.
Increase in lateral movements and cross-cloud attacks
Enterprises often under-estimate the scale and complexity of cloud threats. Perceptions are that data breaches, DDOS attacks and cloud malware injections are the common incidents.
64% of cloud security incidents are due to unauthorized access (an open door for lateral movement), according to Symantec data.
Those who are closest to the organization (trusted insiders with access to protected data) represent some the greatest risks.
Accidental insider threat ranked third on the list of threats to cloud infrastructure, according to survey.
Data for sale
There is significant evidence of data for sale on the Dark Web.
68% have either seen direct or likely evidence that their data had been for sale. 31% did not believe their data was at any risk.
Immature security practices are driving higher incidents of insider threats.
65% neglect to implement multi-factor authentication (MFA) as part of the configuration of IaaS and 80% don’t use encryption, according to Symantec data.
Culture and behavior
These are struggling to keep pace with the shift to cloud.
85% of Symantec customers are not using center for Internet Security (CIS) best practices, according to Symantec internal data.
Poor password hygiene
This is symptomatic of overall lax security behavior.
Weak passwords (37%) and poor password hygiene (34%) top the list of bad behaviors.