Sophos: Seven in 10 Organizations Experienced a Cloud Security Incident

According to a report recently released by Sophos, 70 percent of organizations experienced a security incident in their public cloud environment. This information comes from the State of Cloud Security 2020 report, based on information collected from over 3,500 IT managers across 26 countries. The report revealed that as security incidents in the cloud ramp up, businesses need to take added precautions to prevent against unique cloud security threats.

Sophos’ research discovered that 70 percent of businesses had suffered from a public cloud security breach in the last year. The report also showed that 96 percent of companies are worried about how secure their cloud is across all six of the major cloud vendors. These results suggest a lack in faith among cloud customers that vendors are concerned with cloud security, which is compounded by the uptick in security breaches in the major cloud environments.

The most common type of security incident companies suffered from was malware, with 34 percent of businesses citing a malware attack in the past year. Other common types of security incidents among those Sophos interviewed were exposed data (29 percent) and ransomware (28 percent). Incident rates also varied around the glove, with India seeing the most prevalent amount of attacks. Sophos believes this is due to cybercriminals focusing their efforts on companies with the most promising opportunities for return.

In the company’s press release, Sophos’ principal research scientist Chester Wisniewski stated: “Ransomware, not surprisingly, is one of the most widely reported cybercrimes in the public cloud. The most successful ransomware attacks include data in the public cloud, according to the State of Ransomware 2020 report, and attackers are shifting their methods to target cloud environments that cripple necessary infrastructure and increase the likelihood of payment. The recent increase in remote working provides extra motivation to ​disable cloud infrastructure that is being relied on more than ever, so it’s worrisome that many organizations still don’t understand their responsibility in securing cloud data and workloads. Cloud security is a shared responsibility, and organizations need to carefully manage and monitor cloud environments in order to stay one step ahead of determined attackers.”

Download the State of Cloud Security 2020 report here.