P RE D I C T I V E I NTELLIGEN CE
Visibility over cross-app
anomalies is worryingly low
Despite the importance of knowing who
(or what) is accessing sensitive data,
only 20% of organisations have visibility
over cross-app anomalous behaviour.
Despite a slight increase since last year,
it remains worryingly low – particularly in
light of the fact that 75% of respondents
operate within a multi-cloud environment.
In addition to this issue, the survey
showed that corporate visibility over every
other category had in fact decreased
since 2018. This included user logins
(down from 78% in 2018 to 69% in 2019),
external sharing (down from 44% to 40%)
and DLP policy violations (down from
46% to 38%). This is likely because IT
departments are struggling to keep pace
with the rapidly growing number of cloud
applications and personal devices that
are being used to store and process data
in the enterprise.
Most organisations are still
not deploying cloud security
solutions effectively
Access control (52%) is the most
widely used cloud security solution in
2019, closely followed by anti-malware
(46%). However, with the ever-growing
threat of data breaches and leakages
in the cloud, these tools (and others
like single sign-on (26%) and data loss
prevention (20%) are still not deployed
often enough.
34
There is a growing
recognition that
cloud apps aren’t
as much of a risk as
they once were.
Additionally, with 66% of respondents
saying that traditional security tools
don’t work or have limited functionality
in the cloud, adopting appropriate
cloud security technology is now
known to be essential.
Fortunately, modern solutions such
as cloud access security brokers
(CASBs) can provide many of these
essential capabilities in one solution.
This is something that more and more
organisations are recognising, driving
the adoption of CASBs from 20% in
2018 to 31% today.
Cost is still the main driving
force for those choosing a cloud
security provider
Whether for better or for worse,
cost remains the leading factor for
organisations that are selecting a
cloud security provider – more so than
other important items associated with
better overall implementation and data
protection. In total, 55% of respondents
cited cost effectiveness as their main
concern. Other options included ease of
deployment (46%), whether the solution
is cloud native (45%), the ease with
which cross-cloud security policies can
be enforced (36%) and the solution’s
ability to integrate with various cloud
platforms (36%).
Issue 18
|
www.intelligentciso.com