Nine-in-Ten Data Breaches in the Cloud Caused by Social Engineering, Finds Kaspersky Lab
SMB and enterprise IT leaders worry about data security practices at third-party cloud providers, but social engineering tactics are a bigger threat
Woburn, MA – May 7, 2019 – Many companies expect cloud providers to be responsible for the safety of data stored on their platforms, but according to a new Kaspersky Lab report, cybersecurity incidents in the cloud are most often caused by a cloud customer’s employees, rather than by the provider themselves. The research found that for companies who have experienced a data breach affecting their public cloud infrastructure, social engineering was part of the attack for 88% of SMBs and 91% of enterprises.
Cloud adoption allows organizations to benefit from more agile business processes, reduced capital expenditure and faster IT provision. More than a third (37%) of SMBs and half (50%) of enterprises are currently using public cloud services, with many planning to increase their usage. However, when making the shift to the cloud, many organizations worry about infrastructure continuity and the security of their data.
The consequences of an IT security incident can make the benefits of cloud redundant, and instead evoke painful costs and reputational damage. Knowing this, at least a third of those surveyed in both SMB and enterprise companies (35% at SMBs and 39% at enterprises) are concerned about incidents affecting IT infrastructure hosted by a third party.
However, while organizations are primarily worried about the integrity of external cloud platforms, they are far more likely to be affected by weaknesses closer to home, such as phishing and other social engineering tactics. A successful breach carried out using social engineering will cost an SMB $206,000 on average, rising to over $2 million for an enterprise.
Kaspersky Lab’s research found that there is still room for improvement to ensure adequate cybersecurity measures are in place when working with third-party providers. For example, only 39% of SMBs and 47% of enterprises have implemented tailored protection for the cloud. This may be due to businesses relying on the cloud infrastructure provider for cybersecurity, rather than taking matters into their own hands. Alternatively, businesses may have false confidence that standard endpoint protection offers adequate security for cloud environments.
“The first step for any business when migrating to the public cloud is to understand who is responsible for their business data and the workloads held in it,” said Maxim Frolov, vice president of global sales at Kaspersky Lab. “Cloud providers normally have dedicated cybersecurity measures in place to protect their platforms and customers, but when a threat is on the customer’s side, it is no longer the provider’s responsibility. Our research shows that companies should be more attentive to the cybersecurity hygiene of their employees and take measures that will protect their cloud environment from the inside.”
Kaspersky Lab advises businesses to take the following measures, to ensure their data remains secure in the cloud:
- Teach employees to understand and recognize that they can become victims of cyberthreats. Train them to avoid clicking on links or open attachments in communications from unknown users. Dedicated awareness training, such as gamified Kaspersky Security Awareness, can help with this.
- To minimize the risk of unapproved use of cloud platforms, educate staff about the negative effect of shadow IT and establish procedures for purchasing and consuming cloud infrastructure for each department.
- Use an endpoint security solution to prevent social engineering attacks. It should include protection for mail servers, mail clients and browsers.
- Implement protection for your cloud infrastructure as soon as possible after migration. Choose a dedicated cloud cybersecurity solution with a unified management console to manage security across all cloud platforms, and support automatic detection of cloud hosts, as well as auto-scale the roll out of protection to each one.
- Kaspersky Hybrid Cloud Security offers businesses multi-layered protection for multi-cloud environments, unified cybersecurity and seamless orchestration. The solution detects common and complex threats and protects the entire cloud infrastructure — from on premise virtualized environments to public cloud platforms — such as AWS and Microsoft Azure.
The full report, ‘Understanding security of the cloud: From adoption benefits to threats and concerns’, is available here.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 21 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.