Proofpoint: Compromised Cloud Accounts Cost Organizations Over $6M

In a survey of 600 IT and IT security professionals in the U.S., 75% of respondents said shadow IT — use of cloud applications and services without the approval (or knowledge) of IT — creates substantial risks for their organizations. While some respondents were confident — 24% very secure and 30% sure — users were using IT-approved cloud services and applications for file-sharing and collaboration tools, only 40% believed their organizations knew all the cloud computing applications, platforms, and infrastructure services that their users were using.

An average of 42% of corporate data is stored in the cloud. Still, only an average of 27% of corporate information is stored in an IT-controlled cloud environment. the majority of corporate data — 67% — is stored in cloud services deployed by departments other than corporate IT.

Protecting cloud data remains a challenge, as 68% called cloud account takeovers a significant risk to their organizations. more than half indicated the frequency and severity of these breaches have increased over the past year. Only 44% of survey respondents believe their organizations have established clearly defined roles and accountability for safeguarding confidential or sensitive information in the cloud. Fewer than 40% said their organizations were vigilant about conducting cloud app assessments before deployment.

Compromised cloud accounts are costly incidents and should drive organizations to invest in technologies, in-house expertise, and user training and awareness programs. The costs include hours spent by staff responding to the incident, application downtime, business process workarounds, fines, legal fees, consultants/lawyers, MSSPs, notification of individuals and business partners affected by the exposure of their confidential information, and loss of customers and business relationships due to reputational damage.

On average, respondents reported 64 cloud account compromises per year, with 30% exposing sensitive data. The average annual IT budget in the organizations represented in this research was $167 million. An average of 22 percent, or $36.8 million, was allocated towards securing cloud-based resources. An average of six IT security personnel would be involved in addressing compromised cloud accounts. The IT security team spends an average of 14,184 hours annually to deal with these breaches.

Microsoft 365 and Google Workspace accounts are heavily targeted by brute force and phishing-based cloud attacks. In a year, organizations experience an average of 138 hours of application downtime.