Cloud security has become a massive issue in the last decade. Barely a month goes by without a major security breach at a large company. And with companies relying so much on cloud solutions, and hackers taking advantage of system weaknesses, it’s more important than ever to examine the framework behind these cloud vulnerabilities...
Collectively, cloud data breaches cost companies millions in time and money, not to mention the damage caused to the individuals who have their data leaked to third parties or directly exploited. Given that in January 2021, the World Economic Forum listed cybercrime alongside climate change, COVID-19, and the financial crisis as the biggest threats facing the world in the next decade, it’s no wonder cloud security is considered such a pressing issue when you scale your business.
This article will cover statistics highlighting the extent of these cloud security breaches, who is most affected, the economic impact, what the conduits of the security breaches are, and what people intend to do about it. Let’s dive in.
What Is the Extent of These Data Security Breaches?
In 2020, 79% of companies had reportedly experienced at least one cloud data breach. A later study by the same group came up with an even more significant figure. In the last two years, data from IDC and Ermetic showed that the figure had risen to 98%, up by about almost 20% in just two years! [1]
83% of the organizations had experienced more than one breach, and while these statistcs are fairly high, what’s even more shocking is that 43% of companies reported 10 or more breaches in that same time frame. [1]
Who Is Most Affected by Security Breaches?
In this section, we will go over the main targets of security breaches.
Servers
Servers are the targets of 90% of security breaches.
The 2021 Data Breach Investigations Report by Verizon showed that servers are the primary targets for data breaches, consisting of a whopping 90% of security mishaps. [2]
Web application servers came first as the primary breach target, consisting of more than half of breaches.
Of the web application servers affected, the vast majority—96%—were cloud-based mail servers.
Mail servers were second in line as the target of data security breaches, consisting of about a quarter of these breaches.
Not an equal distribution of attacks (or of concern)
The industries affected by cloud computing security problems are not equally affected.
42% of enterprises say their main struggle is with data privacy and security. Small and medium-sized businesses, on the other hand, consider controlling costs to be their greatest challenge at 43%, with data privacy and security only ranking at 36%, and dealing with a lack of cloud security skills at 28%.
Within Infrastructure-as-a-Service (IaaS) environments, one survey found that 45% had experienced security issues, and 26% had suffered data breaches, lower than the national average for the United States as found in other studies. [3]
According to the 2021 Cloud Security Survey by SAN, the main three types of sensitive data that companies tend to store on the cloud include [4]:
- business data (51.1%)
- employee records (52.9%)
- business financial records (50.2%)
This means that the above information is particularly vulnerable to data breaches.
And, over the course of the last two years, 34% of identity-related breaches involved the compromise of privileged accounts. [5]
Remote work
Unfortunately, remote work seems to be an expensive characteristic when it contributes to data breaches.
Breaches involving remote work cost companies an average of a million dollars more than those that do not. To clarify, that’s 4.99 million dollars compared to 4.02 million.
How Much Do These Breaches Cost?
According to Gartner, by 2024, 60% of infrastructure and operations leaders will endure public cloud cost overruns that negatively affect their available budgets. [6]
The yearly financial average loss due to compromised cloud accounts for the 662 US organizations represented in one study was estimated at 6.2 million dollars. [7]
And in the 12 months before the publication of that study, this figure represented an average of 3.5% of the companies’ total revenues—a significant chunk of their budget. In one year, organizations, on average, experience 138 hours of application downtime. That’s a big cumulative cost with knock-on effects reverberating throughout the company.
Hybrid cloud data breaches tell a slightly more positive story than other cloud security breaches, costing 1.19 million dollars less than those affecting public clouds. The data from the Cost of a Data Breach 2022 report by IBM and the Ponemon Institute showed that the average cost of a data breach for a hybrid cloud environment was 3.61 million dollars—which is less than other cloud environments (including private, public, and on-premises). [8]
In IBM’s 2022 report, they found that the average cost of data breaches was up to 6.35 million dollars—an increase of 150,000 dollars from the previous year. This is an all-time high—not the kind of world record you want to break, that’s for sure.
What Are Some Root Causes of Security Breaches?
There are a few different ways that hackers can breach your security parameters. These are some of the major ones.
Ransomware
Ransomware is a major conduit for data breaches:
“This year, ransomware has continued its upward trend with an almost 13% rise—an increase as big as the last five years combined. It’s important to remember that while ubiquitous and potentially devastating, ransomware by itself is, at its core, simply a model of monetizing an organization’s access.”
- Verizon 2022 DBIR
In the IBM 2022 study, 11% of breaches were ransomware attacks, a pretty significant increase from 2021, which saw ransomware breaches at 7.8%. That’s an increase of 41% in one year. The average cost of a ransomware attack, however, went down slightly, from 4.62 million dollars in 2021 to 4.54 million dollars in 2022. [2]
Phishing
51% of organizations have stated that phishing is the most common method that attackers use to acquire real cloud credentials.
According to another report, 25% of all data breaches were said to involve phishing, in which a scammer contacts a target–typically by email–and poses as a trusted source, like a bank, mobile phone company, postal delivery service, or even a friend. [9]
In their email, the scammer attempts to manipulate the target into either giving up sensitive information, such as login details to their VoIP systems, card details, or other personal details they can use to scam them again in the future.
Or else, they try to get the target to click on a malicious link or attachment that looks like something innocent, such as a release from liability template, which causes malware to download to the person’s device.
Misconfigurations
Cloud misconfigurations account for 15% of initial attack vectors in security breaches.
Sometimes though, it’s just internal mistakes. Cloud misconfigurations account for 15% of initial attack vectors in security breaches—the third most common initial attack vector in the breaches analyzed in IBM’s Cost of a Data Breach report.
These types of data breaches take, on average, 186 days to identify and yet another 65 to deal with. Misconfigurations like this cost companies around 3.86 million dollars in total costs.
Palo Alto’s 2020 research showed that 65% of cloud network security issues also stemmed from user errors and misconfigurations. [10]
Gartner’s estimations were even more brutal, projecting that by 2025, 99% of cloud security failures would be the customers’ fault—either to suggest that misconfigurations are a pretty concerning issue, or that proportionally, this number will go up as fixes for other types of security breaches are improved. [11]
And according to a different piece of research, the most commonly-cited cloud threats found were misconfiguration, account hijacking, unauthorized access, and insecure interfaces. [12]
A separate report strengthens this finding, stating that misconfiguration is the main cloud security threat, followed by a lack of visibility into access settings and activities, followed by permission errors in identity and access management (IA). [13]
Lack of security measures
Palo Alto’s 2021 report showed that nearly a third of organizations fail in implementing decent security measures in the cloud, measures which are needed to help protect cloud environments from attacks and patch up any vulnerabilities. [14]
Data from IDC and Ermetic showed that access-related vulnerabilities are behind 83% of cloud security breaches, with the top industries affected being media, healthcare, and utilities.
The report also showed that larger companies were at higher risk (60% of businesses with 10,000 or more employees) of experiencing these data breaches than companies with fewer employees. This is likely because the bigger the business, the more possible entry points there are for hackers to sneak into your system.
Many companies don’t use all the permissions they have access to, which enables hackers to take advantage of accounts with misconfigured permissions in order to access sensitive data with zero detection by IT teams. There’s also the problem of insider threats and neglected accounts that can get hacked without anyone noticing.
What Does the Future of Cloud Security Look Like?
We’ll break down some of the trends coming up over the next year.
The future looks… cloudy
According to Cynet’s 2021 Survey of CISOs with Small Cyber Security Teams, companies with smaller IT security departments are primarily looking to the cloud in order to make use of security systems—57% to be precise. [15]
On-premises solutions are prioritized by 21% of respondents, and hybrid solutions by 13%.
A survey by the Ponemon Institute from 2021 looked at 100 North American heads of IT security to gain some insight into their security strategy priorities. The survey found that 72% of IT security heads rank the cloud as their companies’ top priority for digital transformation. [16]
72% of IT security heads rank the cloud as their companies’ top priority for digital transformation.
66% were already using public key infrastructure automation or were currently deploying it as part of their team standup do’s and don’ts.
49% mentioned a cloud-first public key infrastructure deployment approach in their list of priorities, as well as certificate lifecycle automation at 56%, and public key infrastructure visibility at 71%.
Who’s responsible?
There are a lot of opinions about who is most responsible for breaches and brute force attacks that have already occurred, and for preventing future data leaks.
30% of respondents in one survey stated that the end-users of their company were primarily responsible for ensuring the SaaS applications’ security within their organization. [7]
24% stated that it is a joint responsibility between their organization and the cloud service provider. 20% asserted that their own IT security function should be primarily responsible.
This IBM study found that 19% of breaches occurred because of a compromise with a business partner. It really is a “weakest link” situation. You only need one vulnerability for hackers to find their way into your system. [17]
Integration
In 2020, 79% of respondents stated that having consistent, integrated security and management over their data in the public cloud, the private cloud, and the hybrid cloud was very important, with just 4% stating that it wasn’t at all important. [18]
Education
Training and certifying IT staff was the primary method, at 61% in this study, for making sure that changing and evolving security demands were met. 58% of respondents stated that they relied on their cloud provider’s own security systems. 34% were interested in hiring more staff for the purposes of tackling cloud security. [19]
Doing things by hand
22% of organizations, according to this particular study, stated that they still assess their cloud security manually, which leaves a lot of room for human error, and places a burden on staff and security resources. [20]
Zero Trust
41% of organizations in the 2022 IBM study stated that they deploy a Zero Trust security architecture. The other 59% incur an average of 1 million dollars in greater breach costs compared to those that deploy Zero Trust. Among critical infrastructure organizations, an even higher 79% don’t deploy Zero Trust, which leads to an average of 5.4 million dollars in breach costs, which is more than 1 million dollars above the global average.
Perhaps the future of cloud security should feature Zero Trust security architecture.
Incidents report teams
Having an incidents report team and an incidents report plan that was tested regularly led to big savings. Organizations that enjoyed an IR team that tested its IR plan saved up to an average of 2.66 million dollars more in breach costs than companies without an IR team and that don’t test an IR plan. That’s a 58% difference in cost savings. [17]
Artificial Intelligence to the rescue
3.05 million dollars could be saved, on average, by fully deploying security AI and automation.
The IBM report from 2022 found that 3.05 million dollars could be saved, on average, by fully deploying security AI and automation. Organizations with AI and automation experienced a loss of 3.05 million dollars less than breaches at organizations with no security AI and automation deployed. That’s a 65.2% difference.
The organizations also found it took, on average, 74 days less to find and control the breach (the breach lifecycle), than those with no security AI and automation. That’s 249 days versus 323 days.
Finally, the use of security AI and automation rose by nearly a fifth in the two years between 2020 and 2022, from 59% to 70%.
In a nutshell…
Security breaches are a very expensive business, but there are a few ways to combat them, such as the deployment of AI for security, advanced threat protection tools, automation, and Incidents Report teams, as well as Zero Trust security architecture.
A hybrid cloud environment appears to experience significantly less financial loss from breaches than purely private or public cloud models, so this is likely something companies will consider going forward.
Finally, strong access management can help protect against breaches. StrongDM provides a positive, simple, and frictionless service. It is specifically designed to securely and seamlessly authenticate and authorize access, giving you peace of mind that your system is secure.
Ready to get started? Get a glimpse of our infrastructure access management solution today with our 14-day StrongDM free trial.
References
- State of Cloud Security 2021: More Aware Yet Very Exposed
- DBIR Report 2022 - Summary of Findings | Verizon Business
- 45% of cyber security attacks fuelled by lack of visibility over IaaS cloud infrastructure
- SANS 2021 Cloud Security Survey
- Identity Security: A Work In Progress
- 6 Ways Cloud Migration Costs Go Off the Rails
- The Cost of Cloud Compromise and Shadow IT
- Cost of a data breach 2022 | IBM
- 2022 Data Breach Investigations Report | Verizon
- Unit 42 Cloud Threat Report - Securing IAM
- Is the Cloud Secure?
- 2020 Cloud Security Report
- State of Cloud Security 2021: More Aware Yet Very Exposed
- Highlights from the Unit 42 Cloud Threat Report
- 2021 Survey of CISOs with Small Security Teams
- Executive Report Shows PKI is Essential to Zero Trust
- Cost of a Data Breach Report 2022 | IBM
- 3 Surprises in the 2020 Big Data & Analytics Maturity Survey
- 2020 Cloud Security Report
- Cloud Security Best Practices Report | Tripwire
