Cloud data leaks tough to spot
Cloud-based security incidents are not uncommon, but agencies found data leaks the hardest to detect, according to a new survey.
In 2020, phishing, data leaks and targeted infrastructure attacks were the most common cloud attacks. While most incidents were spotted within hours, for 27% of government agencies responding to the 2021 Netwrix Cloud Data Security Report, data leaks took days to find. What’s more, resolving data leaks also took longer than other incidents, with 34% of government agencies spending weeks to discover data loss, and 67% needing months to recover from account compromise and data loss.
Most agencies said lack of IT/security staff, employee negligence and tight budgets were behind cloud security incidents. According to Netwrix, public-sector organizations allocate only 14% of their cybersecurity budget to cloud security, which is the lowest result of any sector. Plus, 47% of agencies have had to adjust their IT priorities as a result of the pandemic while remaining within their existing budgets.
To respond to cloud security challenges, 65% of agencies are auditing of user activity 56% are classifying data classification and 53% reviewing access rights.
Agencies need visibility into data, activity and risks across the cloud or hybrid environment so they can “quickly detect, prioritize and respond to threats across the IT estate,” Netwrix Vice President of Product Management Ilia Sotnikov said.
Read the survey summary here.
Connect with the GCN staff on Twitter @GCNtech.