The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, released the findings from Understanding Cloud Data Security and Priorities in 2022. The survey, conducted in partnership with BigID, the leading data intelligence platform for privacy, security, and governance, sought to better understand the industry’s knowledge, attitudes, and opinions regarding data security in the cloud.
“Cloud data security is top of mind for organizations of all sizes, showing that many organizations are unprepared to deal with the unique challenges of securing data in the cloud. With the rapid growth of cloud, it is essential that organizations take steps to improve their cloud data security posture”
“Companies today are using multiple cloud platforms to store their data, but they aren’t taking full advantage of the data discovery and classification tools, leaving them in the dark as to what is actually being stored in the cloud and how to best protect it. Without proper visibility, organizations can’t adequately assess their risk posture, let alone protect their attack surface,” said Hillary Baron, Senior Technical Director for Research, Cloud Security Alliance, and a lead author of the report.
Among the study’s key findings:
Organizations are struggling with securing and tracking sensitive data in the cloud. Only 39 percent cite high levels of confidence in their ability to secure data in the cloud, with 40 percent indicating that 50 percent or less of their sensitive data in the cloud has sufficient security. Only four percent report sufficient security for 100 percent of their data in the cloud.
Third parties and suppliers have similar access to sensitive data compared to employees, a concerning fact given the results of another recent CSA survey, which found that third parties, contractors, and suppliers are the most commonly targeted groups (58%) in cyber attacks.
Dark data issues stem from staffing issues and interdepartmental conflict. The top three barriers for organizations capturing dark data are related to staffing issues: lack of skills/knowledge (50%), lack of interdepartmental cooperation (47%), and lack of staff resources (44%).
Also Read: Entertainment Technology Company StoryFit Closes $5.5 Million in Series A Funding
The majority of security professionals believe their enterprise will experience a data breach in the next year. An organization’s confidence in its ability to protect its data decreases dramatically once it has experienced a breach. In fact, 92 percent of those having previously experienced a data breach believe that they will experience another in the coming 12 months.
“Cloud data security is top of mind for organizations of all sizes, showing that many organizations are unprepared to deal with the unique challenges of securing data in the cloud. With the rapid growth of cloud, it is essential that organizations take steps to improve their cloud data security posture,” said Dimitri Sirota, CEO and co-founder at BigID. “This research underscores the value of solutions like BigID to accelerate cloud data security with a risk-based, data-first approach that can scale as data continues to expand across the multi-cloud.”
The survey, which was sponsored by BigID, was conducted online by CSA in July 2022 and received 1,663 responses from IT and security professionals from organizations of various sizes and locations. CSA research prides itself on vendor neutrality, agility, and integrity of results. Sponsors are CSA Corporate Members who support the findings of the research project but have no added influence on the content development or editing rights to CSA research.