Cloud account compromises cost organizations millions of dollars every year, according to a study by the Ponemon Institute.
Cloud services and applications are essentials for many businesses. But spreading them out of IT’s control can be costly. This is one of the lessons of an American study * from the Ponemon Institute for Proofpoint.
662 IT and security decision-makers from large and medium-sized companies were surveyed. On average, 42% of business data is stored in the cloud. Only 27% are under the control of IT teams. In addition, 67% of cloud services used are deployed by other departments, in the shadow of IT (Shadow IT).
However, 50% of respondents consider that the volume and frequency of cloud account compromises have increased over the past 12 months (64 on average over the year). 68% say the security risk to their business is “significant”.
Microsoft 365 and Google Workspace accounts, in particular, have been heavily targeted by brute force or phishing attacks, for 57% of professionals surveyed.
$ 6.2 million on average
Against this backdrop, the average financial loss from compromised cloud accounts for the organizations surveyed reached $ 6.2 million over the past 12 months.
In addition to the resources devoted to resolving the incident, the bill can include the costs related to the unavailability of services and apps (138 hours on average per year), alerts to the attention of the ecosystem, management responsibilities with suppliers, loss of earnings or fines and possible legal costs.
How to reduce the risk, limit the accidental sharing of sensitive data and avoid configuration errors? According to the authors of the study, organizations have an interest in investing in both adapted technologies (CASB, or Cloud Access Security Broker, etc.), internal skills, without forgetting user awareness and training.
source : Ponemon Institute – « The Cost of Cloud Compromise and Shadow IT ».
(crédit photo © Shutterstock)