Laminar, a leader in public cloud data security, released findings from its 2022 Security Professional Insight Survey conducted at AWS re:Inforce in July and Black Hat this month. The research revealed gaps in organizations’ defenses that security teams will want to address to reduce their risk of data exposure. A total of 415 security professionals participated, representing leadership and line roles.
Nearly two-thirds (65.1 percent) of respondents said they have data resident in the public cloud (Amazon Web Services, Microsoft Azure, or Google Cloud Platform). With public cloud adoption having a compound annual growth rate (CAGR) of nearly 26 percent, it’s surprising that respondents haven’t hardened data security for these assets. Less than half (40.3 percent) said they had a public cloud data security tool in place to monitor for insider and outsider threats and data exfiltration.
As a result, many organizations lack visibility into unauthorized public cloud data access. More than a third (38.3 percent) don’t know if they have had a third party successfully exfiltrate their public cloud data in the past six months, while nearly one in ten (9.6 percent) have experienced a recent exposure. Similarly, more than a third (37.4 percent) can’t tell whether an internal employee accidentally accessed sensitive data in the cloud. As a result of organizations’ lack of visibility, it’s likely that data exfiltration rates are much higher than reported.
Public cloud usage is likely to grow as organizations continue to embrace hybrid work, accelerate digitization and seek to increase business agility and flexibility. That means more sensitive data will be placed in the public cloud. Yet, organizations’ security practices are ill-equipped to protect this information, creating an opening for insiders and outsiders to exploit.
Nearly two-thirds (62.3 percent) of respondents said their organizations have a hybrid work model, while another quarter (25.9 percent) are remote. As a result, data are outside the control of the traditional on-premises security perimeter and must be secured and monitored with new, cloud-native solutions.
“The acceleration of public cloud adoption and hybrid work model have unfortunately created blindspots for security teams. Luckily, security teams can immediately improve visibility into who is accessing and using their data by deploying a public cloud data security platform,” said Amit Shaked, CEO and co-founder of Laminar.
“Using a cloud-native solution like Laminar’s Cloud Data Security Platform helps data security teams discover, prioritize, secure and monitor the data used and stored across multi-cloud environments,” Shaked added. “Organizations can then discover and classify all data, prioritize these assets by risk, enforce security best practices and data policies and monitor cloud infrastructure for data anomalies. As a result, security teams at these organizations can proactively reduce their data exposure surface and move swiftly to address suspected incidents, limiting their damage.”
To learn more, visit www.laminarsecurity.com.