Skip to main content

Nearly four in five businesses suffered a cloud data breach in past year and a half

(Image credit: Image source: Shutterstock/faithie)

Four in every five companies have experienced at least one cloud data breach (opens in new tab) in the past year and a half - and almost half have suffered 10 breaches or more - according to a new survey from cloud security firm Ermetic

Based on a poll of 300 CISOs, the report states that 80% of businesses are unable to identify excessive access to sensitive data in IaaS and PaaS environments, which is posing a threat to security.

In light of cloud security issues, respondents said their top three priorities are: monitoring compliance, managing authorisation and permissions, and managing security configurations.

The primary reason CISOs struggle with access management, the report explains, is the nature of public cloud infrastructure deployment itself.

As public cloud is a dynamic, on-demand environment, users and applications often accumulate unnecessary permissions. Applications are also sometimes authorised by default when introduced, making them a prime target for attackers.

To address issues such as these, the report suggests businesses hone in on three key elements to cloud security: security configuration, adequate visibility into access settings and activity, and identity and access management permission.

Sead Fadilpašić
Sead Fadilpašić

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.