Based on analysis across 10 million users, 1 billion files, and over 91,000 applications, CloudLock focused on the riskiest element in the cloud: user behavior.
1 percent of users represent 75 percent of risk
Cloud cybersecurity risk is highly concentrated, with 1 percent of users responsible for 75 percent of risk. Consider the instance of a user publicly exposing files containing clear text passwords – a phenomena that occurs 4,000 times on average per organization, based on CloudLock research. Understanding the composition of this 1 percent of users is crucial for security teams: often times, this subset of users includes super-privileged users, software architects, as well as machine-based identities (i.e., applications with programmatic access) that grant access privileges and archive data.
70 percent of file sharing with non-corporate identities
The disproportionate nature of cybersecurity risk extends to cloud-based collaboration. While organizations on average collaborate with 865 external parties, just 25 of these account for 75 percent of cloud-based sharing per organization. Unexpectedly, 70 percent of external file sharing occurs with non-corporate email addresses security teams have little control over.
52,000 instances of risky cloud app installs
Many cloud applications support integration with third-party applications, outside the network and undetectable via traditional security tools, such as proxy- or gateway-based solutions. These apps are frequently targeted by cybercriminals as entry points to organizations. CloudLock research reveals that 52,000 instances of applications are installed by highly privileged users – a number that should be zero given privileged accounts are highly coveted by malicious cybercriminals.
Reduce risk by involving active users
By involving the most active users in the security process, organizations can rapidly mitigate the majority of cybersecurity risk. One CloudLock client decreased public exposures by 62 percent in just one day by doing so.
“Cyber attacks today target your users – not your infrastructure. As technology leaders wake up to this new reality, security programs are being reengineered to focus where true risk lies: with the user,” says CloudLock CEO and co-founder Gil Zimmermann. “The best defense is to know what typical user behavior looks like – and, more importantly, what it doesn’t.”