Head in the clouds : Humans cause nine out of ten data breaches in the cloud

• Around 90% (SMBs (88%) and enterprises (91%)) of corporate data breaches in the cloud happen due to social engineering techniques targeting customers’ employees, not because of problems caused by the cloud provider.

Incidents in public cloud infrastructure are more likely to happen because of a customer’s employees rather than actions carried out by cloud providers, according to a new Kaspersky Lab report –‘Understanding security of the cloud: from adoption benefits to threats and concerns’. Companies expect cloud providers to be responsible for the safety of data stored on their cloud platforms.

However, around 90% (SMBs (88% ) and enterprises (91% )) of corporate data breaches in the cloud happen due to social engineering techniques targeting customers’ employees, not because of problems caused by the cloud provider.

Cloud adoption allows organizations to benefit from more agile business processes, reduced CAPEX and faster IT provision. However, they also worry about cloud infrastructure continuity and the security of their data. At least a third of both SMB and enterprise companies (35% SMB and 39% enterprise) are concerned about incidents affecting IT infrastructure hosted by a third party. The consequences of an incident may make the benefits of cloud redundant and instead evoke painful commercial and reputational risks.

Even though organizations are primarily worried about the integrity of external cloud platforms, they are more likely to be affected by weaknesses far closer to home. A third of incidents (33%) in the cloud are caused by social engineering techniques affecting employee behavior, while only 11% can be blamed on the actions of a cloud provider.

The survey shows there is still room for improvement to ensure adequate cybersecurity measures are in place when working with third parties. Only 39%  of SMBs and half (47% ) of enterprises have implemented tailored protection for the cloud. This may be the result of businesses largely relying on a cloud infrastructure provider for cybersecurity. Alternatively, they could have false confidence that standard endpoint protection works smoothly within cloud environments without diminishing the benefits of cloud.

“The first step for any business when migrating to public cloud is to understand who is responsible for their business data and the workloads held in it. Cloud providers normally have dedicated cybersecurity measures in place to protect their platforms and customers, but when a threat is on the customer’s side, it is no longer the provider’s responsibility. Our research shows that companies should be more attentive to the cybersecurity hygiene of their employees and take measures that will protect their cloud environment from the inside,” – commented Maxim Frolov, Vice President of Global Sales at Kaspersky Lab.

There are some specific measures that Kaspersky Lab advises businesses take, to ensure their data remains secure in the cloud:

  • Explain to employees that they can become victims of cyberthreats. They mustn’t click on links or open attachments in communications from unknown users. Dedicated awareness training, such as gamified Kaspersky Security Awareness, can help with this
  • To minimize the risk of unapproved use of cloud platforms, educate staff about the negative effect of shadow IT and establish procedures for purchasing and consuming cloud infrastructure for each department
  • Use an endpoint security solution to prevent social engineering attack vectors. It should include protection for mail servers, mail clients and browsers
  • Implement protection for your cloud infrastructure as soon as possible after migration. Choose a dedicated cloud cybersecurity solution with a unified management console to manage security across all cloud platforms, and support automatic detection of cloud hosts, as well as auto-scale the roll out of protection to each one
  • Kaspersky Hybrid Cloud Security offers businesses multi-layered protection for multi-cloud environments, unified cybersecurity and seamless orchestration. The solution detects common and complex threats and protects the entire cloud infrastructure — from on-premise virtualized environments to public cloud platforms — such as AWS and Microsoft Azure

The full report, ‘Understanding security of the cloud: from adoption benefits to threats and concerns’, is available here.