Laminar has released findings from its 2022 Security Professional Insight Survey conducted at AWS re:Inforce in July 2022 and Black Hat in August 2022. The research revealed gaps in organizations’ defenses that security teams will want to proactively address to reduce their risk of data exposure. A total of 415 security professionals participated, representing both leadership and line roles.
Public Cloud Data Security Adoption Lags Public Cloud Usage, Creating Gaps Attackers Can Exploit
Nearly two-thirds (65.1%) of respondents said they currently have data resident in the public cloud (Amazon Web Services, Microsoft Azure, or Google Cloud Platform). With public cloud adoption having a compound annual growth rate (CAGR) of nearly 26%>, it’s surprising that respondents haven’t yet hardened data security for these assets. Less than half (40.3%) said that they had a public cloud data security tool in place to monitor for insider and outsider threats and data exfiltration.
As a result, many organizations lack visibility into unauthorized public cloud data access. More than a third (38.3%) don’t know if they have had a third party successfully exfiltrate their public cloud data in the past six months, while nearly one in ten (9.6%) have experienced a recent exposure. Similarly, more than a third (37.4%) can’t tell whether an internal employee has accidentally accessed sensitive data in the cloud. As a result of organizations’ lack of visibility, it’s likely that data exfiltration rates are much higher than reported.
Hybrid Work Demands a Different Approach to Public Cloud Data Security
Public cloud usage is likely to grow as organizations continue to embrace hybrid work, accelerate digitization and seek to increase business agility and flexibility. That means more sensitive data will be placed in the public cloud. Yet, organizations’ current security practices are ill-equipped to protect this vital information, creating an opening for both insiders and outsiders to exploit.
Nearly two-thirds (62.3%) of respondents said their organizations have a hybrid work model, while another quarter (25.9%) are fully remote. As a result, data is outside the control of the traditional on-premises security perimeter and must be secured and monitored with new, cloud-native solutions.
“The acceleration of public cloud adoption and hybrid work model have unfortunately created blindspots for security teams. Luckily, security teams can immediately improve visibility into who is accessing and using their data by deploying a public cloud data security platform,” said Amit Shaked, CEO and co-founder of Laminar. “Using a cloud-native solution like Laminar’s Cloud Data Security Platform helps data security teams discover, prioritize, secure and monitor the data used and stored across multi-cloud environments.
Organizations can then discover and classify all data, prioritize these assets by risk, enforce security best practices and data policies and monitor cloud infrastructure for data anomalies. As a result, security teams at these organizations can proactively reduce their data exposure surface and move swiftly to address suspected incidents, limiting their damage.