Surge in Cloud Service Attacks Leaves Security Leaders Concerned About Vulnerabilities

Surge in Cloud Service Attacks Leaves Security Leaders Concerned About Vulnerabilities

By Greg Tavarez

Chief information security officers (CISOs), security analysts, and their dedicated teams have encountered a surge in security incidents, presenting unprecedented challenges to safeguarding digital assets. The mounting frequency and complexity of cyberattacks have necessitated swift and innovative responses, but these efforts are impeded by an ongoing struggle to address talent shortages in the cybersecurity workforce.

Simultaneously, the complexity of cyberattacks has been on the rise, posing new threats and increasing the need for robust defensive strategies. To make matters worse, the global geopolitical landscape remains tense. A weakening social fabric, the proliferation of disinformation and mounting economic anxiety have all contributed to an atmosphere of heightened uncertainty and risk.

CISOs find themselves climbing what appears to be a never-ending mountain. To gain better insight on this issue, Scale Venture Partners conducted comprehensive research. Their mission is to stay informed about the evolving solutions in the field of cybersecurity.

In this year’s report, security leaders shared that although the number of successful ransomware attacks and data breach attempts fell by 30% over the last year, the number of reported security incident types at organizations increased. In fact, 71% of organizations experienced three or more types of security incidents, a 51% increase year-over-year, according to the report.

Among the incidents reported, cloud service attacks emerged as the most prevalent type of incident faced by organizations in the past 12 months. Alarmingly, half of the organizations experienced at least one attack targeting a cloud service during this period. Organizations rely more heavily on cloud services for storage, communication and other crucial functions. It is important for them to secure these environments, as the consequences of a successful attack can be detrimental to an organization's reputation, financial stability and overall business continuity.

The study also revealed a concerning trend wherein a growing number of cloud services were compromised due to attacks against third-party providers. This survey period witnessed a 16% year-over-year increase, with 43% of organizations affected, compared to 37% in the previous year. As the reliance on interconnected systems and outsourcing of services grows, so does the potential for attackers to exploit weak links in the security chain. This underscores the urgent need for organizations to not only fortify their own defenses but also collaboratively work with their third-party providers to implement robust security measures and establish a unified front against threats. Failure to address this issue adequately could have severe consequences for businesses, leading to data breaches, service disruptions and damage to reputation and customer trust.

Another disturbing finding was a 58% rise in firms falling victim to phishing attacks that resulted in stolen employee credentials via cloud services. This surge in phishing-related compromises highlights the escalating risks organizations face in securing their cloud-based infrastructure and underscores the need for robust cybersecurity measures to protect sensitive data and digital assets.

Companies are realizing these realities as they continue to utilize the cloud and plan to make the necessary adjustments going into 2024. According to the report, 83% of firms intend to enforce existing security policies more strictly this year to address their security challenges. Network security was named a primary cybersecurity spending priority, followed closely by identity and access management. Cloud infrastructure security rounded out the top three.

“The shift to the cloud has been a long journey, and attackers are taking advantage now that employees regularly log into multiple cloud services, often from outside the traditional enterprise network perimeter,” said Ariel Tseitlin, partner at Scale Venture Partners. “Without a strong perimeter, identity becomes the most important and effective way to manage security. That’s where companies most devote resources – both human and machine.”




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

SHARE THIS ARTICLE
Related Articles

SonicWall Powers Secure Access for Missouri MSP, Improving Cybersecurity and Network Access for Clients

By: Erik Linask    6/27/2025

With SonicWall, Stronghold Data delivers a modern, secure remote access solution that ensures access to networks and resources and improves cybersecur…

Read More

Guardz Unleashes AI-Driven ITDR to Combat Escalating Identity-Based Threats

By: Erik Linask    6/26/2025

The launch of Identity Threat Detection and Response (ITDR) gives MSPs the tools to defend SMBs against increasingly sophisticated attacks targeting u…

Read More

Barracuda Managed Vulnerability Security: A Proactive Shield Against Escalating Cyber Threats

By: Erik Linask    6/26/2025

Barracuda's Managed Vulnerability Security is a fully managed scanning and risk assessment service powered by its global SOC.

Read More

Can MSPs Cut Microsoft Teams Incident Management Time by 50%? Martello Says Yes

By: Erik Linask    6/18/2025

New research shows MSPs can achieve a 50% reduction in labor required for Microsoft Teams incident management by using proactive monitoring and advanc…

Read More

Supercharging Your MSP with AI at SuperSummit 2025 in Dallas

By: Erik Linask    6/18/2025

SuperSummit 2025 features targeted content and education to help MSPs capitalize on the AI revolution to improve there businesses models and operation…

Read More