The Cloud Multiplier Effect on Data Breaches
Blog Article Published: 06/04/2014
by Krishna Narayanaswamy, Chief Scientist at Netskope All of the things we love about cloud and SaaS apps can also put us at risk of a data breach. First, we love that we can get our favorite apps quickly and easy without having to answer to anyone. This leads to massive app growth, usually of inherently low quality and un-secured apps, and often outside of the purview of IT and security teams. Second, we can get access to our favorite apps from any device. And each of us often does from three or more devices. This increases the surface area of a potential breach. And finally, today we can share content to and from those apps with greater speed than ever before, which means it’s easy for content to get out of our control. Each of these examples can be thought of as multipliers, or factors that can increase the probability of a data breach. To take the pulse of the market and quantify this idea, we asked the Ponemon Institute, a foremost expert in data breach research, to conduct a study on the topic. Today we released the results of that study in a first-of-its-kind report called "Data Breach: The Cloud Multiplier Effect." Check out the full report or the handy infographic (also shown below), which points to some of the key learnings from the study. The study, which is based on a survey of 613 IT and security professionals, finds that increasing use of cloud services can increase the probability of a $20 million data breach by as much as 3x. It also revealed other key findings, including:
- 36 percent of business-critical applications are housed in the cloud, yet IT isn’t aware of nearly half of them;
- 66 percent of respondents believe that their organization’s use of the cloud diminishes their ability to protect sensitive or confidential information; and
- 72 percent of respondents don’t believe that their cloud service provider would notify them immediately if they had a data breach involving the loss or theft of their intellectual property or business confidential information.