Humans cause 90% of cloud data breaches

   

27 May 2019

Humans cause 90% of cloud data breaches

Incidents in public cloud infrastructure are more likely to happen because of a customer’s employees rather than actions carried out by cloud providers, according to a new Kaspersky Lab report.

Companies expect cloud providers to be responsible for the safety of data stored on their cloud platforms, the report found. However, around 90% of corporate data breaches in the cloud happen due to social engineering techniques targeting customers’ employees, not because of problems caused by the cloud provider.

Cloud adoption allows organizations to benefit from more agile business processes, reduced capex and faster IT provision. However, they also worry about cloud infrastructure continuity and the security of their data. At least a third of both SMB and enterprise companies are concerned about incidents affecting IT infrastructure hosted by a third party. The consequences of an incident may make the benefits of cloud redundant and instead evoke painful commercial and reputational risks.

Even though organizations are primarily worried about the integrity of external cloud platforms, they are more likely to be affected by weaknesses far closer to home. A third of incidents (33%) in the cloud are caused by social engineering techniques affecting employee behavior, while only 11% can be blamed on the actions of a cloud provider.

The survey shows there is still room for improvement to ensure adequate cybersecurity measures are in place when working with third parties. Only 39%  of SMBs and half (47% ) of enterprises have implemented tailored protection for the cloud. This may be the result of businesses largely relying on a cloud infrastructure provider for cybersecurity. Alternatively, they could have false confidence that standard endpoint protection works smoothly within cloud environments without diminishing the benefits of cloud.

“The first step for any business when migrating to public cloud is to understand who is responsible for their business data and the workloads held in it,” Kaspersky Lab VP of global sales Maxim Frolov said.

“Cloud providers normally have dedicated cybersecurity measures in place to protect their platforms and customers, but when a threat is on the customer’s side, it is no longer the provider’s responsibility. Our research shows that companies should be more attentive to the cybersecurity hygiene of their employees and take measures that will protect their cloud environment from the inside.”

View all News
Loading

Thank you to all our Partners & Sponsors

OFFICIAL GOVERNMENT CYBERSECURITY PARTNER

Dubai Electronic Security Center Logo

Official Smart City Partner

dp

Strategic Sponsors & Partners

Strategic Partner

Strategic AI Partner

Huawei_gisec

Strategic Sponsor


sap

IOT Partner


Vodafone_iotx

 

Strategic Partner


cb

 

Official Digital Partner

etisalat_gisec

Strategic Partner

Strategic Partner

tahaluf

Platinum & Diamond sponsors

Platinum Sponsor

pp

Diamond Sponsor

fe

Gold sponsors


cs
 

gold sponsor


so

know

emailauth
HumanFirewall

thales

Silver sponsors

cf

df

Education Partner

isc2

ras

vf

west

GISEC

GISEC

nedaa

oracle_gisec

crest

Country Partner

India Pavilion Partner

Logo

Thank you to Exhibitors

VIEW MORE EXHIBITORS
 

Thank you to our Media Partners