Laminar released findings from its 2022 Security Professional Insight Survey conducted at AWS re:Inforce in July 2022 and Black Hat in August 2022. The research revealed gaps in organizations’ defenses that security teams will want to proactively address to reduce their risk of data exposure. A total of 415 security professionals participated, representing both leadership and line roles.
Did someone exfiltrate your public cloud data?
65.1% of respondents said they currently have data resident in the public cloud (Amazon Web Services, Microsoft Azure, or Google Cloud Platform). With public cloud adoption having a compound annual growth rate (CAGR) of nearly 26%, it’s surprising that respondents haven’t yet hardened data security for these assets. 40.3% said that they had a public cloud data security tool in place to monitor for insider and outsider threats and data exfiltration.
As a result, many organizations lack visibility into unauthorized public cloud data access. 38.3% don’t know if they have had a third party successfully exfiltrate their public cloud data in the past six months, while 9.6% have experienced a recent exposure.
Similarly, 37.4% can’t tell whether an internal employee has accidentally accessed sensitive data in the cloud. As a result of organizations’ lack of visibility, it’s likely that data exfiltration rates are much higher than reported.
Public cloud data security
Public cloud usage is likely to grow as organizations continue to embrace hybrid work, accelerate digitization and seek to increase business agility and flexibility. That means more sensitive data will be placed in the public cloud. Yet, organizations’ current security practices are ill-equipped to protect this vital information, creating an opening for both insiders and outsiders to exploit.
62.3% of respondents said their organizations have a hybrid work model, while 25.9% are fully remote. As a result, data is outside the control of the traditional on-premises security perimeter and must be secured and monitored with new, cloud-native solutions.
“The acceleration of public cloud adoption and hybrid work model have unfortunately created blindspots for security teams. Luckily, security teams can immediately improve visibility into who is accessing and using their data by deploying a public cloud data security platform,” said Amit Shaked, CEO of Laminar.