Setting consistent security policies across cloud and on-premise environments and a lack of qualified security staff are also major issues
While public cloud providers expand their security services to protect their platforms, it is ultimately the customers’ responsibility to secure their data and applications on those platforms. While a majority of organizations said their public cloud instances had not been hacked (54%), 25% did not know whether they had experienced a cloud breach, while 15% confirmed a cloud security incident, according to Check Point Software Technologies’ global 2019 Cloud Security Report.
The key findings of the 2019 Cloud Security Report include:
The top four public cloud vulnerabilities: The leading vulnerabilities cited by respondents were unauthorized cloud access (42%), insecure interfaces (42%), misconfiguration of the cloud platform (40%), and account hijacking (39%).
The leading operational cloud security headaches: Security teams struggle with a lack of visibility into cloud infrastructure security and compliance (67% in total). Setting consistent security policies across cloud and on-premise environments and a lack of qualified security staff tie for third place (31% each).
Legacy security tools are not designed for public clouds: 66% of respondents said their traditional security solutions either don’t work at all, or only provide limited functionality in cloud environments.
Security challenges inhibit cloud adoption: The biggest barriers to wider public cloud adoption cited by respondents are data security (29%), risk of compromise (28%), compliance challenges (26%) and a lack of experience and qualified security staff (26%).
“The Report’s findings clearly show that enterprise security teams need to urgently reassess their security strategies and address the shortcomings of their legacy security tools to protect their evolving public cloud environments and avoid breaches. With 15% of respondents reporting they’ve had a cloud security incident, criminals are seeking to exploit organizations’ cloud vulnerabilities,” said Zohar Alon, Head of Cloud Product Line, Check Point Software Technologies. “Enterprises need to get holistic visibility across all of their public cloud environments, supported by cloud-native policy automation, compliance enforcement, privileged identity protection, and event analysis, to make their cloud deployments more secure and manageable.”
The 2019 Cloud Security Report is based on the results of a comprehensive online survey of 674 cybersecurity and IT professionals, conducted in Spring 2019 to gain deep insight into the latest trends, key challenges, and solutions for cloud security across a balanced cross-section of organizations of varying sizes across multiple industry sectors. The survey was done by Cybersecurity Insiders, the 400,000-member information security community.