Shadow data slipping past security teams

The rapid pace of cloud transformation and democratization of data has created a new innovation attack surface, leading to 3 in 4 organizations experiencing a cloud data breach in 2022, according to Laminar.

68% of data security professionals have identified shadow data as their top concern when it comes to protecting cloud data.

The report reveals that concern over shadow data has increased to a 93% compared to 82% the year before. This finding indicates a need for security teams to evolve processes and technologies to autonomously discover, classify, protect, and remediate sensitive cloud data stores, wherever they are located.

Innovation attack surface

Organizations accelerated the pace of transformation during the pandemic. Now they’re staying the course to maintain market competitiveness. In addition, organizations democratized data – making it easy for approved users to access cloud data and create analytics for decision making or operational processes.

This trend has introduced new gaps into organizational systems and processes and created the “innovation attack surface” — a new threat vector that most organizations unconsciously have accepted as the cost of doing business.

The innovation attack surface is the continuous, unintentional risk cloud data users, such as data scientists and developers, take when using data to drive innovation. Unlike other attack surfaces determined by external forces such as ransomware, malware or malicious internal actors, the innovation attack surface has resulted from the massive, decentralized unintentional risk created by an organization’s data innovators.

Other trends that have allowed the innovation attack to surface include organizations’ increasing adoption of varied cloud data storage technologies; the proliferation of data (including shadow data) across hybrid, multi-cloud infrastructures; the death of the traditional network perimeter; faster software releases; and the changing role of security.

Security teams are charged with protecting data without hindering innovation, but may lack the bandwidth to keep up with cloud service technologies that would improve their ability to execute.

Security teams concerned about shadow data

While security teams are confident that they have complete visibility into new public cloud data repositories, 93% are concerned about shadow data, up 11% from the year before, and 68% of respondents say it is the greatest challenge in protecting cloud data. Shadow, or unknown, unmanaged data is growing as users now can proliferate data in just a few clicks.

Shadow data can occur when copied data lives on in test environments, data gets mis-placed in storage buckets, legacy data isn’t deleted after a cloud migration, data logs become toxic, and orphaned backups are left stale. Laminar Labs has validated this growing concern with our own research that 21% of publicly facing cloud storage buckets have personally identifiable information (PII) exposed and how utilizing versioning in cloud environments can cause shadow data.

Organizations increase investment in security programs

The good news is that organizations’ commitment to evolving their security programs is growing. 92% of respondents say the uptick in cloud breaches has increased executive and board-level buy-in for security platforms, up from 50% a year earlier. In addition, 66% of organizations have increased security budgets by 41% or more in the past year.

As a result, 97% of security professional respondents report their organization has a dedicated data security team, up from 58% in 2022.

DSPM provides visibility into sensitive data

However, 29% of respondents are only somewhat or not very confident that their existing on-premises security solutions can meet the challenges of improving cloud data security, up from 24% in 2022.

Data security posture management (DSPM) equips security teams with “transformational” capabilities, according to Gartner. DSPM “provides visibility into where sensitive data is, who has access to that data, how it has been used and what the security posture of the data store or application is,” states Gartner.

92% of respondents had heard about DSPM and identified 12 different capabilities they’d require from such a solution.

Cloud-native data security solutions

A full 95% of respondents believe that cloud environments are different enough (than on-premises) to require unique security solutions. Given their concerns about on-premises solutions, more security professionals are considering deploying cloud-native security platforms to improve sensitive data protection.

• 71% said cloud-native security solutions should provide autonomous scanning
• 63% want to deploy a dynamic, performant platform
• 54% say such a solution should offer asynchronous operations
• 53% would like the platform to provide an agentless architecture

A cloud-native security platform should provide autonomous discovery and classification of all data across AWS, Azure, GCP, and Snowflake; inventory data into a single cloud data catalog; and prioritize alerts using an innovative risk-scoring model.