Moving to cloud without security strategy increases risk
Many organizations—both within healthcare and other industries—are in the midst of a migration to the cloud, and if cyber security is not a key part of their strategy, the risk of falling victim to attacks is real and growing.
A new survey identifies concerns that organizations have about cloud security, the threats they dealt with over the last year, and their plans for further cloud usage and security enhancements. The research was conducted by Netwrix, which provides a platform for user behavior analysis and risk mitigation in hybrid environments.
Netwrix conducted the survey by contacting 853 organizations during November 2017.
The most common cloud security concerns mentioned by respondents are the risk of unauthorized access (cited by 69 percent); the risk of malware infiltrations (50 percent); and the inability to monitor the activity of employees in the cloud (39 percent).
A sizeable percentage of organizations (45 percent) say their own employees are their biggest security risk. Even though the majority of attacks they experienced over the year were external, organizations blame their own IT staff (39 percent) and business users (33 percent) as much as or more than their cloud providers (33 percent).
Organizations are not ready to address the insider threat because they have only partial visibility into activity within their IT infrastructures. The share of organizations that have complete visibility into the activity of IT staff (28 percent), business users (17 percent), third parties with legitimate access (12 percent) and providers (9 percent) is low and needs to be improved, the report said.