From Kurils with love: Kaspersky supports expedition to the Kuril Islands, highlighting the ecological uniqueness and challenges of the region
Learn more >
Woburn, MA – May 7, 2019 – Many companies expect cloud providers to be responsible for the safety of data stored on their platforms, but according to a new Kaspersky Lab report, cybersecurity incidents in the cloud are most often caused by a cloud customer’s employees, rather than by the provider themselves. The research found that for companies who have experienced a data breach affecting their public cloud infrastructure, social engineering was part of the attack for 88% of SMBs and 91% of enterprises.
Cloud adoption allows organizations to benefit from more agile business processes, reduced capital expenditure and faster IT provision. More than a third (37%) of SMBs and half (50%) of enterprises are currently using public cloud services, with many planning to increase their usage. However, when making the shift to the cloud, many organizations worry about infrastructure continuity and the security of their data.
The consequences of an IT security incident can make the benefits of cloud redundant, and instead evoke painful costs and reputational damage. Knowing this, at least a third of those surveyed in both SMB and enterprise companies (35% at SMBs and 39% at enterprises) are concerned about incidents affecting IT infrastructure hosted by a third party.
However, while organizations are primarily worried about the integrity of external cloud platforms, they are far more likely to be affected by weaknesses closer to home, such as phishing and other social engineering tactics. A successful breach carried out using social engineering will cost an SMB $206,000 on average, rising to over $2 million for an enterprise.
Kaspersky Lab’s research found that there is still room for improvement to ensure adequate cybersecurity measures are in place when working with third-party providers. For example, only 39% of SMBs and 47% of enterprises have implemented tailored protection for the cloud. This may be due to businesses relying on the cloud infrastructure provider for cybersecurity, rather than taking matters into their own hands. Alternatively, businesses may have false confidence that standard endpoint protection offers adequate security for cloud environments.
“The first step for any business when migrating to the public cloud is to understand who is responsible for their business data and the workloads held in it,” said Maxim Frolov, vice president of global sales at Kaspersky Lab. “Cloud providers normally have dedicated cybersecurity measures in place to protect their platforms and customers, but when a threat is on the customer’s side, it is no longer the provider’s responsibility. Our research shows that companies should be more attentive to the cybersecurity hygiene of their employees and take measures that will protect their cloud environment from the inside.”
Kaspersky Lab advises businesses to take the following measures, to ensure their data remains secure in the cloud:
The full report, ‘Understanding security of the cloud: From adoption benefits to threats and concerns’, is available here.
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 21 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
Sophisticated malware enables almost unlimited monitoring of device location, messages, contacts and mediaLearn more >