80% of organizations experienced a cloud security breach last year

Couldn’t attend Transform 2022? View all summit sessions in our on-demand library now! Watch here.


Cloud technology has expanded the attack surface far beyond the boundaries of the traditional network. Today, cloud security not only protects a handful of resources, but maintains full visibility into which third-party services and applications are processing or storing sensitive information, and develops applications with minimal code issues.

Unfortunately, few organizations meet these standards.

New research released today by security provider Snyk found that 80% of organizations have experienced at least one serious cloud security incident in the past year, including data breaches, data leaks and intrusions.

These new findings highlight that businesses need to completely re-evaluate how they protect data stored and processed in the cloud. Which means discarding outdated traditional approaches to code development.

Event

MetaBeat 2022

MetaBeat will bring together thought leaders to provide guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, California.

Register here

Pinning of cloud security

It’s no secret that cloud security is a challenge. The survey shows that 78% of organizations claim that traditional security solutions either do not work at all or have limited functionality in cloud environments, while 93% are moderately or extremely concerned about the massive skills shortage of trained cyber security professionals.

At the same time, 41% of respondents to Snyk’s report say cloud-native services further complicate their security efforts.

“The widespread adoption of cloud-native application development has enabled modern developers to move faster and increase output to meet the demands of today’s business,” said Andrew Wright, the author of Snyk’s cloud security report. “However, new challenges and complexities have emerged as the overall attack surface has expanded and the clear delineation of security responsibilities has blurred.”

Wright added that “Many of today’s cloud security failures are the result of ineffective collaboration between teams and team training to address this transformation and ensure security, with 77% of organizations citing this as a major challenge,” he said. “For example, when different groups use different tools or policy frameworks, harmonizing the work between these groups and ensuring consistent enforcement can be challenging.”

The cloud security market

The good news is that these challenges can be overcome with some strategic changes — infrastructure-as-code (IaC) security offers an average 70% reduction in cloud misconfigurations.

With IaC organizations, it can provide infrastructure through code rather than administrative processes, while using automated code scanning to reduce the potential for misconfigurations and security issues.

Snyk’s developer security platform, which helped the organization achieve an $8.5 billion valuation, provides an alternative approach to cloud security, allowing developers to automatically find and fix vulnerabilities in their code with security intelligence , so they can ensure the development life cycle.

Competitors SonarQube also offer a similar approach, providing an open-source platform designed to continuously inspect code for bugs and security issues to prevent developers from producing exploitable cloud applications.

SonarQube’s parent company, SonarSource, announced that it has raised $412 million in funding and achieved a $4.7 billion valuation.

From a development perspective, continuous code inspection is critical to ensuring that developers can scale cloud environments at pace without leaving potential entry points for threat actors to exploit.

VentureBeat’s mission is set to be a digital town square for technical decision makers to learn about and transact business-transformative technology. Discover our Updates.

Leave a Comment