Over the past two years, companies’ adoption of public cloud services has surged, but fast-paced change and weaker security controls have led to an increase in data breaches, finds a Laminar report.
In the survey, 50% of security professionals said their cloud environments had been breached in 2020 or 2021. As companies go digital-first, data security professionals are managing an increasingly complex multi-cloud environment, while struggling with a lack of visibility, inadequate controls, and rising shadow data problem. Among those who were breached, 58% said that their cloud data had been knowingly exfiltrated.
Unmanaged shadow data a concern for 82% of respondents
It’s no surprise, then, that shadow data is cited by 82% of respondents as a top concern. Shadow, or unknown, unmanaged data, is growing as both IT and business users can self-provision cloud services and stand up instances for application development and testing. Examples of shadow data now include database copies in test environments, unmanaged backups, toxic application logs and caches, analytics pipelines, stale unmaintained databases, and unlisted embedded databases.
All of this data is at risk for exposure, causing revenue and reputational harm to corporations at a time when regulatory censure and fines are increasing. For security professionals anxiety comes from knowing that these unknown “shadow” datastores are causing undue risk to the organizaiton.
Executive buy-in growing for evolving security programs
The good news is that the high number of public cloud data breaches has increased executive buy-in for cybersecurity at 50% of companies surveyed. In fact, 81% of teams have increased their security budget >40% since January 2020. As a result, these companies will be able to focus resources on hiring and upskilling teams and investing in new solutions.
Cloud data security demands a different approach
Given worsening cyber risks, security gaps, and breaches, data protection professionals believe it’s time to try another approach. Some 65% of respondents believe that cloud environments are different enough from on-premises infrastructures to warrant unique solutions.
Survey respondents believe that cloud-native security solutions can help them oversee their fast-expanding, heterogeneous cloud environments and data stores:
- 49% believe that cloud-native security solutions are dynamic, effective, and extremely scalable
- 46% state that they are asynchronous and thus don’t disrupt data traffic flow or performance
- 44% say they are agentless and API-based, thus resulting in a lower total cost of ownership
Cloud-native security solutions should focus on the data
Not all cloud-native security tools are created equally, however. The majority are focused on SaaS apps or infrastructure, but a true defense in depth strategy also requires direct protection for the crown jewels, the data itself. A cloud-native security solution should be able to autonomously discover and classify sensitive data across all cloud accounts.
In addition, it must be able to enforce data policies and best practices to secure and control data. Finally, it should provide asynchronous monitoring of data egress channels, detecting unsanctioned or risky activity without interrupting valid data flow.