Study reveals that the top cloud security incidents include phishing, targeted attacks on cloud infrastructure and ransomware
In 2020, the most common incidents that financial organizations suffered regarding data in the cloud were phishing attacks (reported by 26%), targeted attacks on cloud infrastructure (22%) and ransomware (15%), according to Netwrix’s 2021 Cloud Data Security Report. Among organizations that experienced a data breach, 20% had to cover unplanned expenses to fix security gaps, 19% faced compliance fines and 17% experienced customer churn.
The Netwrix report also revealed that 59% of financial organizations consider understaffed IT and security teams to be the major reason they struggle to secure data in the cloud. Other factors include lack of expertise in cloud security (44%) and employee negligence (37%).
Other survey findings include:
- 53% of financial organizations store customer data in the cloud, and 35% store financial data there.
- Targeted attacks on cloud infrastructure took the longest to detect and resolve — 41% of financial organizations needed days or weeks to discover the incident, and 38% spent days or weeks on response.
- 70% of respondents audit user activity in the cloud in order to mitigate data security risks.
- In response to the pandemic, 30% of respondents had to change their IT priorities but stick to their existing budget. 19% reported security budget cuts.
Ilia Sotnikov, VP of Product Management at Netwrix, comments “Cloud technologies enable financial organizations to remain competitive and offer innovative services to their clients. To leverage the cloud in a secure and compliant manner, financial organizations should invest in automated security tools such as data discovery and classification, and provide training to ensure their security pros can adapt to the rapidly changing cyber landscape.”