Cloud data breaches are becoming a serious threat for businesses everywhere

News
By
published

Cloud use is growing, and with it come more threats, report finds

Image of someone clicking a cloud icon.
Image Credit: Shutterstock (Image credit: Shutterstock)

As the use of cloud among organizations continues to grow, hackers are increasingly targeting cloud resources, wreaking havoc among the victims, new research ahs warned.

The 2024 Thales Cloud Security Study, based on a poll of almost 3,000 IT and security professionals across 18 countries and 37 industries, Tfound almost half (44%) of respondents experienced a cloud data breach, with 14% suffering one in the last 12 months.

SaaS applications are the biggest target (31%), followed by cloud storage (30%), and Cloud Management Infrastructure (26%) categories. This share also makes sense knowing how organizations use the cloud. Two-thirds (66%) are using more than 25 SaaS applications, and almost half (47%) of the data they’re using is labeled ‘sensitive’. At the same time, data encryption rates remain low, with less than 10% of enterprises encrypting 80% or more of their sensitive cloud data. 

Human error and misconfiguration

When discussing the causes of these incidents, Thales found human error and misconfiguration continues being the biggest issue with cloud-based solutions (31%), followed by exploiting known vulnerabilities (28%), and failing to use multi-factor authentication (MFA - 17%).

All of this has forced organizations to be more proactive when it comes to defending their cloud premises, and to invest more in cybersecurity. Many are now focused on “digital sovereignty”, and on refactoring applications to “logically separate, secure, store, and process” cloud data. 

The number one motivation behind digital sovereignty was future-proofing cloud environments (31%), followed by adhering to regulations (22%).

“As the cloud attack surface expands, organizations must get a firm grasp on the data they have stored in the cloud, the keys they’re using to encrypt it, and the ability to have complete visibility into who is accessing the data and how it being used,” said Sebastien Cano, Senior Vice President for Cloud Protection and Licensing activities at Thales.

“It is vital to solve these challenges now, especially as data sovereignty and privacy have emerged as top concerns in this year’s research.”

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.