CLOUD SECURITY

Proofpoint: Compromised Cloud Accounts Cost Organizations Over $6M

Proofpoint | June 01, 2021

In a survey of 600 IT and IT security professionals in the U.S., 75% of respondents said shadow IT — use of cloud applications and services without the approval (or knowledge) of IT — creates substantial risks for their organizations. While some respondents were confident — 24% very secure and 30% sure — users were using IT-approved cloud services and applications for file-sharing and collaboration tools, only 40% believed their organizations knew all the cloud computing applications, platforms, and infrastructure services that their users were using.

An average of 42% of corporate data is stored in the cloud. Still, only an average of 27% of corporate information is stored in an IT-controlled cloud environment. the majority of corporate data — 67% — is stored in cloud services deployed by departments other than corporate IT.

Protecting cloud data remains a challenge, as 68% called cloud account takeovers a significant risk to their organizations. more than half indicated the frequency and severity of these breaches have increased over the past year. Only 44% of survey respondents believe their organizations have established clearly defined roles and accountability for safeguarding confidential or sensitive information in the cloud. Fewer than 40% said their organizations were vigilant about conducting cloud app assessments before deployment.

Compromised cloud accounts are costly incidents and should drive organizations to invest in technologies, in-house expertise, and user training and awareness programs. The costs include hours spent by staff responding to the incident, application downtime, business process workarounds, fines, legal fees, consultants/lawyers, MSSPs, notification of individuals and business partners affected by the exposure of their confidential information, and loss of customers and business relationships due to reputational damage.

On average, respondents reported 64 cloud account compromises per year, with 30% exposing sensitive data. The average annual IT budget in the organizations represented in this research was $167 million. An average of 22 percent, or $36.8 million, was allocated towards securing cloud-based resources. An average of six IT security personnel would be involved in addressing compromised cloud accounts. The IT security team spends an average of 14,184 hours annually to deal with these breaches.

Microsoft 365 and Google Workspace accounts are heavily targeted by brute force and phishing-based cloud attacks. In a year, organizations experience an average of 138 hours of application downtime.

Spotlight

Amazon Web Services (AWS) is a flexible, cost-effective, easy-to-use cloud computing platform. This whitepaper helps architects and developers understand the primary data storage options available in the AWS cloud. We provide an overview of each storage option, describe ideal usage.

Spotlight

Amazon Web Services (AWS) is a flexible, cost-effective, easy-to-use cloud computing platform. This whitepaper helps architects and developers understand the primary data storage options available in the AWS cloud. We provide an overview of each storage option, describe ideal usage.

Related News

CLOUD SECURITY

Sumo Logic Achieves AWS Security Competency Status for Cloud SIEM and SOAR Solutions

Sumo Logic, Inc. | August 02, 2022

Sumo Logic the SaaS analytics platform to enable reliable and secure cloud-native applications, announced today that it has achieved Threat Detection and Response distinction with Amazon Web Services (AWS) Security Competency status for Sumo Logic Cloud SIEM and Cloud SOAR solutions. This designation recognizes achievements in empowering AWS customers to transform their security operations with relevant threat data and streamlined incident response capabilities. Achieving this AWS Security Competency differentiates Sumo Logic as an AWS Partner that enables enterprises of all sizes to better manage the advanced threat landscape. Sumo Logic is addressing the major challenges facing security operations teams and increasing enterprises’ overall security posture on AWS with deep and contextualized insights, automation, and machine learning. “Enterprises face rapidly expanding threat surfaces as cloud and digital transformation transitions accelerate, Earning the AWS Security Competency status for our Cloud SIEM and Cloud SOAR solutions is another milestone in our journey to modernize security for evolving applications and security operations.” Dave Frampton, VP/GM, Sumo Logic Security Business Unit, Sumo Logic Sumo Logic Cloud SIEM generates prioritized and contextualized insights and workflow automation to reduce manual tasks and the time needed to detect and respond to threats. Along with the native integration of Cloud SIEM, Cloud SOAR quickly enables insightful decision-making and fully automates incident response to improve collaboration and security posture. With a single platform, Sumo Logic’s customers can consolidate their security tools and make them more accessible for security, IT and developer operations. To achieve this designation, partners must possess deep AWS expertise and deliver solutions seamlessly on AWS. AWS is enabling scalable, flexible, and cost-effective solutions from startups to global enterprises. To support the seamless integration and deployment of these solutions, AWS established the AWS Competency Program to help customers identify AWS Partners with deep industry experience and expertise. Sumo Logic has been a long-time partner of AWS and named Independent Software Vendor (ISV) Partner of the Year for 2021 by AWS. The company also gained AWS Container Competency status in 2019. About Sumo Logic Sumo Logic, Inc. empowers the people who power modern, digital business. Through its SaaS analytics platform, Sumo Logic enables customers to deliver reliable and secure cloud-native applications. The Sumo Logic Continuous Intelligence Platform™ helps practitioners and developers ensure application reliability, secure and protect against modern security threats, and gain insights into their cloud infrastructures. Customers around the world rely on Sumo Logic to get powerful real-time analytics and insights across observability and security solutions for their cloud-native applications. For more information, visit www.sumologic.com. Sumo Logic is a trademark or registered trademark of Sumo Logic in the United States and in foreign countries. All other company and product names may be trademarks or registered trademarks of their respective owners. Any information regarding offerings, updates, functionality, or other modifications, including release dates, is subject to change without notice. The development, release, and timing of any offering, update, functionality, or modification described herein remains at the sole discretion of Sumo Logic, and should not be relied upon in making a purchase decision, nor as a representation, warranty, or commitment to deliver specific offerings, updates, functionalities, or modifications in the future.

Read More

CLOUD SECURITY

Trend Micro Maintains Strong Lead in Cloud Workload Security Market

Trend Micro Incorporated | July 25, 2022

Global cybersecurity leader Trend Micro today celebrated its continued leadership role in the fast-growing global market for cloud security, according to the latest the IDC market share report on Cloud Workload Security. Throughout two years of global crisis, enterprise leaders invested in cloud infrastructure and services to streamline business processes, lower costs and create innovative new customer experiences. They also turned to trusted partners to manage and mitigate the resulting cyber risk. That's created a market for cloud workload security which surged 36% year-on-year in 2021, according to the IDC market share report. Trend Micro Cloud One was built for this. As business-critical cloud-native applications increase complexity and broaden the corporate cyber-attack surface, Trend Micro offers cloud builders visibility into cloud security and operational posture, enables discovery of threats, risks, and misconfigurations in open-source pipelines, and provides security for: File and object storage Workloads and virtual machines Cloud networks and virtual private cloud Cloud-native applications "According to the IDC market share report, global organizations spent $2.2bn last year on cloud security and nearly 18% of them partnered with us. Our automated, flexible, all-in-one platform delivers the simplicity and powerful protection they need to secure critical digital transformation initiatives. This commitment to cloud security has kept Trend Micro on top for over a decade." Kevin Simzer, COO at Trend Micro According to Trend Micro's data, the company experienced 53% customer growth in the AWS marketplace in 2021, leading to a 134% year-on-year revenue increase in the marketplace. Revenues from cloud workload security were greater than the second and third largest players combined, according to the IDC market share report. The independent market analysis also noted Trend Micro's continued focus on the channel and marketplace-centric selling: "Frankly, customers like to buy cloud security much like they buy cloud, which means buying security through cloud marketplaces," it says. "In addition, buying through a cloud marketplace provides customers transparency of the spend and enables security units to pass the cost of security to individual business unit application owners. It is a win for security." About Trend Micro Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organizations to simplify and secure their connected world.

Read More

CLOUD SECURITY

Splunk and JupiterOne partner to improve cloud asset visibility and threat detection

JupiterOne | June 02, 2022

JupiterOne, the industry's leading cyber asset attack surface management (CAASM) platform, announced a new integration partnership with Splunk, the security and observability data platform leader, making it easier for organizations to connect and analyze security insights across their cyber asset landscape. Now, security teams may access data from both the JupiterOne platform and the Splunk Security Cloud to boost the value of user data among mutual customers. The volume of data and cyber assets grows quickly as firms speed digital transformations through cloud-native and API-first frameworks. To achieve better results, teams must have a better awareness of and visibility into all of their cyber assets. Users can leverage the JupiterOne and Splunk interface to dynamically assess the context of their cyber assets and automate incident response without having to construct or bring in additional infrastructure. "Security buyers today value integration across threat intelligence, vulnerability management, and security operations tools, while demanding cloud-based security technologies that are easy-to-buy and use. By working with Splunk, JupiterOne meets these requirements, while making it easier for business and security teams to manage actionable data and mitigate cyber-risks," said Jon Oltsik, Senior Principal Analyst and Fellow at Enterprise Strategy Group Users will be able to acquire context from a single source of truth across their complete security operations, as well as execute compliance assessments throughout their cyber assets and environment, thanks to this innovative cooperation between JupiterOne and Splunk. This can be done when analyzing Splunk alerts or looking into JupiterOne asset discoveries. Splunk's products aid in collecting and indexing real-time machine data so that situational insights can be generated. The JupiterOne CAASM platform's graph-based architecture, as well as its ability to query data, provides customers with complete contextual analysis, allowing a variety of use cases. Incident response, vulnerability prioritization, access management, security engineering and automation, application and product security, DevOps, and cloud and SaaS security are just a few topics covered. "Context is essential for sound security decision making. By adding context from JupiterOne about an organization's complex cyber assets relationships to the situational awareness they get from Splunk, users can take action on incidents and meaningfully reduce risk. We believe that connecting Splunk's event data with JupiterOne's structural data in this way will become the future of real-time and contextual security, and this unique combination will provide a powerful market differentiator," Erkang Zheng, Founder and CEO at JupiterOne

Read More