Cloud Security: Heightened concern over partner, vendor risk
Couldn't attend Transform 2022? Check out all the summit sessions in our on-demand library now! Look here.
There is an ever-increasing push towards the cloud.
This comes with increasing risks from partners, vendors and third parties, vulnerabilities and misconfigurations that can be compromised in a variety of ways, and complex software supply chains and infrastructure that complicate the correction.
But while enterprises fret over all these implications, many have yet to implement advanced cloud security and data loss prevention (DLP) tools, according to a researcher. report released this week by Proofpoint, Inc., in conjunction with Cloud Security Alliance (ASC).
Hillary Baron, CSA research analyst and lead author of the report, highlighted the rush to digital transformation amid COVID-19. While this has made remote working easier and kept businesses going, there have been unforeseen consequences and challenges due to large-scale – and hastily implemented – structural changes.
EventMetaBeat 2022
MetaBeat will bring together thought leaders to advise on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
register here"One of those challenges is developing a cohesive approach to cloud and web threats while managing legacy and on-premises security infrastructure," Baron said.
Heightened concerns in complex landscapes"Cloud and Web Security Challenges in 2022" surveyed more than 950 IT and security professionals representing various industries and organization sizes.
Notably, 81% of respondents said they were moderately to highly concerned about vendor and partner risks, and 48% were particularly concerned about the potential loss of data resulting from these risks.
That seems a justified concern, the study authors point out: 58% of organizations surveyed indicated that third parties and vendors were targets of cloud-based breaches in 2021.
Equally troubling, 43% of respondents said protecting customer data was their top cloud and web security goal for 2022; yet only 36% had dedicated DLP solutions in place.
Also taken from the report:
A majority of respondents were very concerned (33%) or moderately concerned (48%) about security when working with vendors and partners. 47% said legacy systems were a major challenge to improving their cloud security posture. 37% said they needed to regulate safer employee behavior. 47% said they had implemented endpoint security, 43% said they had implemented identity management solutions, and 38% said they had implemented privileged access management.In addition, enterprises are concerned that targeted cloud applications contain or provide access to data such as email (36%), authentication (37%), file storage/sharing (35%), customer relationship management (33%), and business intelligence (30%).
Experts and businesses agree that there is still a lot to be done to improve existing processes for managing third-party systems and integrations.
Context is often lacking for the software-as-a-service (SaaS) platforms used: the data they contain, the integrations they facilitate, ...
Couldn't attend Transform 2022? Check out all the summit sessions in our on-demand library now! Look here.
There is an ever-increasing push towards the cloud.
This comes with increasing risks from partners, vendors and third parties, vulnerabilities and misconfigurations that can be compromised in a variety of ways, and complex software supply chains and infrastructure that complicate the correction.
But while enterprises fret over all these implications, many have yet to implement advanced cloud security and data loss prevention (DLP) tools, according to a researcher. report released this week by Proofpoint, Inc., in conjunction with Cloud Security Alliance (ASC).
Hillary Baron, CSA research analyst and lead author of the report, highlighted the rush to digital transformation amid COVID-19. While this has made remote working easier and kept businesses going, there have been unforeseen consequences and challenges due to large-scale – and hastily implemented – structural changes.
EventMetaBeat 2022
MetaBeat will bring together thought leaders to advise on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
register here"One of those challenges is developing a cohesive approach to cloud and web threats while managing legacy and on-premises security infrastructure," Baron said.
Heightened concerns in complex landscapes"Cloud and Web Security Challenges in 2022" surveyed more than 950 IT and security professionals representing various industries and organization sizes.
Notably, 81% of respondents said they were moderately to highly concerned about vendor and partner risks, and 48% were particularly concerned about the potential loss of data resulting from these risks.
That seems a justified concern, the study authors point out: 58% of organizations surveyed indicated that third parties and vendors were targets of cloud-based breaches in 2021.
Equally troubling, 43% of respondents said protecting customer data was their top cloud and web security goal for 2022; yet only 36% had dedicated DLP solutions in place.
Also taken from the report:
A majority of respondents were very concerned (33%) or moderately concerned (48%) about security when working with vendors and partners. 47% said legacy systems were a major challenge to improving their cloud security posture. 37% said they needed to regulate safer employee behavior. 47% said they had implemented endpoint security, 43% said they had implemented identity management solutions, and 38% said they had implemented privileged access management.In addition, enterprises are concerned that targeted cloud applications contain or provide access to data such as email (36%), authentication (37%), file storage/sharing (35%), customer relationship management (33%), and business intelligence (30%).
Experts and businesses agree that there is still a lot to be done to improve existing processes for managing third-party systems and integrations.
Context is often lacking for the software-as-a-service (SaaS) platforms used: the data they contain, the integrations they facilitate, ...
What's Your Reaction?
