Majority of businesses have not inspected cloud services for malware

News by Roi Perez

According to new research from the Ponemon Institute and Netskope, as cloud services usage - and risk - increases, businesses still lack visibility into data breaches.

Netskope has released the results of a survey which has found that despite the growing use of cloud services, there is still a lack of visibility into sensitive information in the cloud, which can result in costly data breaches.

The report found that the majority of enterprises have not or do not know if they inspect their cloud services for malware.

575 IT security practitioners in 15 European countries who are familiar with their company's usage of cloud services. This study was conducted in 2014 with the Ponemon Institute.

Considering that Netskope research estimates that less than five percent of cloud services are sanctioned, it is unlikely respondents are inspecting all potential services -  both sanctioned and unsanctioned - raising the possibility that the portion of cloud services that contain malware is even larger.

The research also reveals that while 36 percent of business applications are now stored in the cloud, fewer than half of them are known, officially sanctioned or approved by IT. While respondents understand the risk of data breaches, nearly a third could not determine if they had been breached or what types of data were lost in the breach(es).

"These data confirm that while cloud adoption is very much on the rise, organisations still lack confidence in the cloud's ability to protect sensitive information,” said Sanjay Beri, founder and CEO of Netskope.

“With the rise of cloud threats like accidental data exposure, malware and ransomware aimed at exfiltrating data and extracting financial gain from sensitive data, IT teams need more robust intelligence, protection, and remediation to protect their data from breach or loss.”

The research comes as cloud adoption is on the rise. A recent forecast from 451 Research predicts that 60 percent of enterprise workloads will run in the cloud by mid-2018, up from 41 percent today. This report found that as more software and business applications move to the cloud, knowledge about what applications are in the cloud decreases, putting confidential and sensitive information at risk.

Over half of respondents in the Netskope survey said the use of cloud services significantly increases the likelihood of a data breach, yet the majority have neither visibility nor have they taken the correct precautions to prevent breaches involving cloud.

The estimated percentage of software applications in the cloud has increased from 31 per cent in 2014 to 36 per cent in 2016. Apps that are known, officially sanctioned or approved by IT decreased from 33 per cent to 30 per cent, indicating cloud adoption may be outpacing security measures.

When asked what cloud security risks are most concerning, 59 per cent of respondents say it is the possibility of experiencing compliance violations and regulatory actions and 50 per cent say it is the loss of control and the ability to influence end-user actions.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews