Skip to main content

Data breaches in the cloud are mainly the fault of employees

(Image credit: Image Credit: Everything Possible / Shutterstock)

When businesses use cloud services to store and manage data, they generally expect those services to handle data security, as well. However, a new report from Kaspersky Lab argues that in most cases, it’s the business’ employees that are to blame for data breaches.

The comoants latest research found that in roughly 90 per cent of cases, it’s not the cloud provider’s fault, when a data breach occurs.

A third of weaknesses are caused by social engineering techniques that affect employee behavior, while roughly 10 per cent can be blamed on the cloud provider.

Even though it doesn’t state it directly, the report hints that businesses should employ ‘tailored protection’ for the cloud, indicating that ‘only’ 39 per cent of SMBs and 47 per cent of enterprises have such cybersecurity measures set up.

The report also believes that many organisations may have false confidence that standard endpoint protection works smoothly within the cloud.

“The first step for any business when migrating to public cloud is to understand who is responsible for their business data and the workloads held in it,” commented Maxim Frolov, Vice President of Global Sales at Kaspersky Lab.

“Cloud providers normally have dedicated cybersecurity measures in place to protect their platforms and customers, but when a threat is on the customer’s side, it is no longer the provider’s responsibility. Our research shows that companies should be more attentive to the cybersecurity hygiene of their employees and take measures that will protect their cloud environment from the inside.”

The full report, ‘Understanding security of the cloud: from adoption benefits to threats and concerns’, is available here.

Image Credit: Everything Possible / Shutterstock