TEL AVIV & NEW YORK--(BUSINESS WIRE)--Over the past two years, companies’ adoption of public cloud services has surged. However, fast-paced change and weaker security controls have led to an increase in data breaches, finds the State of Public Cloud Data Security Report 2022, released by Laminar today.
In the survey, 50% of security professionals said their cloud environments had been breached in 2020 or 2021. As companies go digital-first, data security professionals are managing an increasingly complex multi-cloud environment, while struggling with a lack of visibility, inadequate controls, and rising shadow data problem. Among those who were breached, 58% said that their cloud data had been knowingly exfiltrated.
Unmanaged Shadow Data a Concern for 82% of Respondents
It’s no surprise, then, that shadow data is cited by 82% of respondents as a top concern. Shadow, or unknown, unmanaged data, is growing as both IT and business users can self-provision cloud services and stand up instances for application development and testing. Examples of shadow data now include database copies in test environments, unmanaged backups, toxic application logs and caches, analytics pipelines, stale unmaintained databases, and unlisted embedded databases. All of this data is at risk for exposure, causing revenue and reputational harm to corporations at a time when regulatory censure and fines are increasing. For security professionals anxiety comes from knowing that these unknown “shadow” datastores are causing undue risk to the organization.
Executive Buy-in Growing for Evolving Security Programs
The good news is that the high number of public cloud data breaches has increased executive buy-in for cybersecurity at 50% of companies surveyed. In fact, 81% of teams have increased their security budget >40% since January 2020. As a result, these companies will be able to focus resources on hiring and upskilling teams and investing in new solutions.
Cloud Data Security Demands a Different Approach
Given worsening cyber risks, security gaps, and breaches, data protection professionals believe it’s time to try another approach. Some 65% of respondents believe that cloud environments are different enough from on-premises infrastructures to warrant unique solutions.
Survey respondents believe that cloud-native security solutions can help them oversee their fast-expanding, heterogeneous cloud environments and data stores:
- 49% believe that cloud-native security solutions are dynamic, effective, and extremely scalable
- 46% state that they are asynchronous and thus don’t disrupt data traffic flow or performance
- 44% say they are agentless and API-based, thus resulting in a lower total cost of ownership
Cloud-native Security Solutions Should Focus on the Data
Not all cloud-native security tools are created equally, however. The majority are focused on SaaS apps or infrastructure, but a true defense in depth strategy also requires direct protection for the crown jewels, the data itself. A cloud-native security solution should be able to autonomously discover and classify sensitive data across all cloud accounts. In addition, it must be able to enforce data policies and best practices to secure and control data. Finally, it should provide asynchronous monitoring of data egress channels, detecting unsanctioned or risky activity without interrupting valid data flow.
Laminar surveyed 500 data security professionals in February 2022. To read the full report, visit https://laminarsecurity.com/resources/state-of-public-cloud-data-security-report-2022/.
For more insight into securing data across public clouds, the risks of ‘shadow data,’ and the future of cloud data security, register for ISMG’s Cloud Data Security Summit sponsored by Laminar and featuring CISOs, analysts and industry leaders here.
Laminar delivers data security for everything you build and run in the cloud. Laminar’s Cloud Data Security Platform is first in the market to ensure data-centric cloud security. Laminar enables you to Discover, Prioritize, Secure and Monitor your sensitive cloud data. Autonomously Discover and classify new datastores for complete visibility, Prioritize risk based on data sensitivity and risk posture, Secure data by remediating weak controls and actively Monitor for egress and access anomalies. Complete data observability for everything running in your public cloud accounts. Autonomous, agentless and continuous monitoring of datastores, compute as well as data egress channels allows sanctioned data movements and alerts when something’s wrong. Data security teams can reduce the attack surface, detect real-time data leaks and get back in control of their data. Founded in 2020 by a brilliant team of award winning Israeli red team experts, Laminar is proudly backed by Insight Partners, TLV Partners, and SentinelOne. To learn more please visit www.laminarsecurity.com.