According to a recent report, the growing cloud usage across enterprises is driving an accompanying growth in the potential attack surface for threat actors, with cloud delivered SaaS apps cited as the top target for cyber attacks (31%) followed by cloud storage and cloud management. Further, with over half of organizations using more than 25 SaaS applications-—some of the most popular examples including Microsoft 365, Snowflake, Databricks, Salesforce and Google Workspace— and 47% of corporate data in the cloud being sensitive, securing the cloud is increasingly complex and a significant challenge for security teams.
Glenn Chisolm, Co-Founder, Obsidian had this to say:
“That SaaS is one of the top targets for cyber attacks is unsurprising. Having handled hundreds of SaaS incidents with our incident response partners, we see SaaS threats become a rising concern for organizations. SaaS breaches have grown 4x in the last year. And while configuration issues may lead to IaaS breaches, identity forms the fulcrum of SaaS breaches—leading to over 80% of the breaches. These include attacks like help desk social engineering, self-service password resets (SSPR), or attacker-in-the-middle (AiTM). SaaS posture issues as well as data security and governance gaps form the other two key drivers of SaaS breaches.”
Concerns over SaaS security have a few of my clients rethinking their SasS strategies and some have even moved back to on premise if possible. Because they believe that they can trust themselves more than a SaaS provider. They may not be wrong on that front.
Like this:
Like Loading...
Related
This entry was posted on June 27, 2024 at 8:26 am and is filed under Commentary with tags Thales. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Report Shows That SaaS Apps Are Biggest Targets Of Cyber Attacks
According to a recent report, the growing cloud usage across enterprises is driving an accompanying growth in the potential attack surface for threat actors, with cloud delivered SaaS apps cited as the top target for cyber attacks (31%) followed by cloud storage and cloud management. Further, with over half of organizations using more than 25 SaaS applications-—some of the most popular examples including Microsoft 365, Snowflake, Databricks, Salesforce and Google Workspace— and 47% of corporate data in the cloud being sensitive, securing the cloud is increasingly complex and a significant challenge for security teams.
Glenn Chisolm, Co-Founder, Obsidian had this to say:
“That SaaS is one of the top targets for cyber attacks is unsurprising. Having handled hundreds of SaaS incidents with our incident response partners, we see SaaS threats become a rising concern for organizations. SaaS breaches have grown 4x in the last year. And while configuration issues may lead to IaaS breaches, identity forms the fulcrum of SaaS breaches—leading to over 80% of the breaches. These include attacks like help desk social engineering, self-service password resets (SSPR), or attacker-in-the-middle (AiTM). SaaS posture issues as well as data security and governance gaps form the other two key drivers of SaaS breaches.”
Concerns over SaaS security have a few of my clients rethinking their SasS strategies and some have even moved back to on premise if possible. Because they believe that they can trust themselves more than a SaaS provider. They may not be wrong on that front.
Share this:
Like this:
Related
This entry was posted on June 27, 2024 at 8:26 am and is filed under Commentary with tags Thales. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.