Skip to main content

Over half of firms suffered a cloud security incident last year

(Image credit: Image source: Shutterstock/Ai825)

Cloud security incidents are happening left and right, according to research from cybersecurity firm Sophos. 

The company's new State of Cloud Security 2020 report claims that almost three quarters of businesses suffered such an incident in the past 12 months, with malware, ransomware, data and account compromise, as well as cryptojacking, being the biggest threats of all.

Furthermore, the report claims that businesses running multi-cloud environments are also the ones who are more likely to suffer a cloud security incident.

Businesses in India are the ones being hit the hardest, with more than nine in ten (93 per cent) reporting being at the receiving end of an attack. European businesses are at the other end of the spectrum, with Sophos claiming it could be due to General Data Protection Regulation (GDPR) guiding businesses towards being more resilient.

Chester Wisniewski, principal research scientists at Sophos, says that ransomware is the most widely reported cybercrime in the public cloud, mostly due to Covid-19 forcing employees into a remote-working environment.

“It’s worrisome that many organisations still don’t understand their responsibility in securing cloud data and workloads,” he argues. “Cloud security is a shared responsibility, and organisations need to carefully manage and monitor cloud environments in order to stay one step ahead of determined attackers.”

Besides ransomware, businesses are also constantly facing accidental data exposure, as the report claims cloud misconfiguration got exploited in two thirds of all attacks. Furthermore, another third of organisations said cybercriminals managed to access their premises through stolen cloud provider account details.

More details can be found in Sophos’ full report on this link.