News

Report Sheds Light on Public Cloud Security Incidents

• By Scott Bekker
• 07/09/2020

U.K.-based security company Sophos released a report, "The State of Cloud Security 2020," suggesting that seven in 10 organizations have experienced public cloud security incidents in the last year.

The findings are based on responses from more than 3,500 IT managers in 26 countries to a survey conducted in January and February.

The report doesn't reflect any conclusions about changes in attack patterns since the COVID-19 pandemic resulted in a remote-work surge, increasing reliance on public cloud platforms. However, the survey reveals eye-opening trends about how common public cloud security incidents were already becoming at the beginning of this calendar year.

"Seventy percent of respondents said they had suffered a public cloud security breach in the last year," the report states. "This is extremely worrisome for organizations, with 96 percent of the 3,521 respondents expressing concern about their current level of security across the six major public cloud platforms."

For purposes of the survey, Sophos focused its definition of public cloud on Microsoft Azure, Oracle Cloud, Amazon Web Services (AWS), VMware Cloud on AWS and Alibaba Cloud. In addition, some respondents were also using Google Cloud and IBM Cloud.

As for how attackers are getting in, a third of the survey respondents attributed incidents to having cloud account credentials stolen. The other two-thirds of breaches resulted from a security misconfiguration. Of the misconfigurations, 22 percent involved cloud resource misconfigurations and 44 percent occurred at the Web application firewall.

Organizations using multiple public clouds may be having more trouble than those concentrating on a single cloud, the survey suggests. " Security risks inevitably multiply as organizations expand their number of cloud environments. Seventy-three percent of the organizations surveyed were using two or more public cloud providers and reported up to twice as many security incidents as those using one cloud platform," according to the report.

The full report is available here.