A joint study by software company Checkpoint and research firm Cybersecurity Insiders found that many organizations struggle with the security of their cloud.

The software company Checkpoint and the research institute Cybersecurity Insiders have jointly published a report on the security of cloud systems. Their research revealed that many more companies than expected are actually struggling with this.

Caught at high speed

No fewer than three quarters of those surveyed are concerned about the security of their cloud. At almost sixty percent, the wrong configuration is the biggest concern. The top three also includes data leaked accidentally or without permission, as well as insecure interfaces or APIs.

Many companies are rapidly expanding their cloud activities, but security is not evolving fast enough. Almost three-quarters of respondents have trouble accessing security solutions. A quarter of those surveyed confirmed having experienced an incident in the cloud in the past year.

Working in the cloud brings new ways of working and more complexity. When companies struggle with this, vulnerabilities arise in the system. Cybercriminals are aware that last year Checkpoint saw an increase of almost half as many cloud-based network attacks compared to 2021.

The trip is too much

Well organized security is crucial for a cloud system, the right procedures reduce potential vulnerabilities. In many companies, however, the mixing of measures and systems leads to a lack of transparency and control. This in turn leads to confusion and unnecessary complexity.

Seventy percent of respondents have implemented at least six different security systems, with a quarter as many as twenty. The signals from all these systems cause confusion and even alert fatigue for security teams. Of course, this negatively affects the proper functioning of security.

Not just bad news

Fortunately, positive facts could also be gleaned from the report. For example, more than 60 percent work with cloud-native tools for their configuration management. This number makes the fear of misconfiguration a bit odd.

Nearly 40 percent have now integrated DevSecOps into specific parts of their organization and one in five have implemented a comprehensive program. Additionally, nearly thirty percent use dedicated Cloud Security Posture Management Solutions (CSPM). These are not gigantic numbers, but they represent a positive development.

The concerns of the companies are understandable. For example, we recently reported on the rise in cyber attacks targeting retail businesses where the cloud emerged as a factor. In Belgium, we should worry a little less: our country proved last week to be the safest in Europe for teleworking.