Sharing Sensitive Data With An Open Link Has Grown by 23% Since Last Year: McAfee

Enterprises everywhere take advantage of cloud for speed, scale, increased agility and collaboration. But the new Cloud Adoption and Risk Report from McAfee finds that this can leave data more exposed than organizations might think.

The report is based on anonymized cloud usage data for over 30 million McAfee MVISION Cloud users worldwide in industries including financial services, healthcare, public sector, energy and legal.

Key findings:

  • 22% of cloud users share files externally, up 21% year over year
  • The number of files shared in the cloud with sensitive data has increased 53% year-over-year (YoY)
  • Sharing sensitive data with an open, publicly accessible link has increased by 23% YoY
  • Sensitive data sent to a personal email address also increased by 12% YoY.
  • Threat events in the cloud, such as a compromised account, privileged user, or insider threat, have increased 27.7% YoY
  • Most organizations think they use about 30 unique cloud services, while findings demonstrate they use close to 2,000
  • 21% of all files in the cloud contain sensitive data, demonstrating a steady increase year-over-year (YoY)
  • Enterprise organizations have an average of 14 misconfigured IaaS/PaaS instances running at one time, resulting in over 2,200 individual misconfiguration incidents per month
  • 5.5% of AWS S3 buckets have world read permissions, making them open to the public
  • 80% of all organizations experience at least one compromised account threat per month
  • 92% of all organizations have stolen cloud credentials for sale on the Dark Web
  • Threats in Office 365 have grown by 63%YoY

You can read the full study here.

Survey Methodology:

For the Cloud Adoption and Risk Report, McAfee analyzed aggregated, anonymized cloud usage data for over 30 million McAfee MVISION Cloud users worldwide at companies across all major industries including financial services, healthcare, public sector, education, retail, high tech, manufacturing, energy, utilities, legal, real estate, transportation and business services. Collectively, these users generate billions of unique transactions in the cloud each day. The McAfee cloud service registry tracks over 50 attributes of enterprise readiness, which provides the ability to track behavior using detailed data signatures for over 25,000 cloud services. Additional contextual data was sourced from our 2018 survey of 1,400 security professionals in 11 countries, all using public or private cloud services.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: