The perils of SaaS misconfigurations

The Cloud Security Alliance (CSA) released the findings of an Adaptive Shield survey, offering insight into the industry’s knowledge, attitudes, and opinions regarding SaaS security and related misconfigurations.

“Many recent breaches and data leaks have been tied back to misconfigurations. Whereas most research related to misconfigurations has focused strictly on the IaaS layers and entirely ignores the SaaS stack, SaaS security and misconfigurations are equally, if not more, important when it comes to an organization’s overall security.

“We wanted to gain a deeper understanding of the use of SaaS applications, how security assessments are conducted and the overall awareness of tools that can be used to secure SaaS applications,” said Hillary Baron, lead author and research analyst, Cloud Security Alliance.

“This survey shines a light on what CISOs and cybersecurity managers are looking for and need when it comes to securing their SaaS stack — from visibility, continuous monitoring and remediation to other ever-growing, critical use cases such as 3rd party application control and device posture monitoring,” asserted Maor Bin, CEO of Adaptive Shield. “The SSPM market is maturing rapidly — and this type of zero-trust approach for SaaS is where the SSPM market is going.”

Key findings

• SaaS misconfigurations are leading to security incidents. At least 43 percent of organizations report that they have dealt with one or more security incidents because of a SaaS misconfiguration.
• The leading causes of SaaS misconfigurations are lack of visibility into changes into the SaaS security settings (34%) and too many departments with access to SaaS security settings (35%).
• Investment in business-critical SaaS applications is outpacing SaaS security tools and staff. Over the past year, 81 percent of organizations have increased their investment in business-critical SaaS applications, but fewer organizations reported increasing their investment in security tools (73%) and staff (55%) for SaaS security.
• Manually detecting and remediating SaaS misconfigurations is leaving organizations exposed. 46% can only check monthly or less frequently, and another 5 percent don’t check at all, meaning that misconfigurations could go undetected for a month or longer.
• The use of an SSPM reduces the timeline to detect and remediate SaaS misconfigurations. Organizations that use an SSPM can detect and remediate their SaaS misconfigurations significantly quicker — 78 percent checked their SaaS security configurations weekly or more, compared to those not utilizing an SSPM, where only 45 percent were able to check at least weekly.