Surge in Cloud Service Attacks Leaves Security Leaders Concerned About Vulnerabilities

Surge in Cloud Service Attacks Leaves Security Leaders Concerned About Vulnerabilities

By Greg Tavarez

Chief information security officers (CISOs), security analysts, and their dedicated teams have encountered a surge in security incidents, presenting unprecedented challenges to safeguarding digital assets. The mounting frequency and complexity of cyberattacks have necessitated swift and innovative responses, but these efforts are impeded by an ongoing struggle to address talent shortages in the cybersecurity workforce.

Simultaneously, the complexity of cyberattacks has been on the rise, posing new threats and increasing the need for robust defensive strategies. To make matters worse, the global geopolitical landscape remains tense. A weakening social fabric, the proliferation of disinformation and mounting economic anxiety have all contributed to an atmosphere of heightened uncertainty and risk.

CISOs find themselves climbing what appears to be a never-ending mountain. To gain better insight on this issue, Scale Venture Partners conducted comprehensive research. Their mission is to stay informed about the evolving solutions in the field of cybersecurity.

In this year’s report, security leaders shared that although the number of successful ransomware attacks and data breach attempts fell by 30% over the last year, the number of reported security incident types at organizations increased. In fact, 71% of organizations experienced three or more types of security incidents, a 51% increase year-over-year, according to the report.

Among the incidents reported, cloud service attacks emerged as the most prevalent type of incident faced by organizations in the past 12 months. Alarmingly, half of the organizations experienced at least one attack targeting a cloud service during this period. Organizations rely more heavily on cloud services for storage, communication and other crucial functions. It is important for them to secure these environments, as the consequences of a successful attack can be detrimental to an organization's reputation, financial stability and overall business continuity.

The study also revealed a concerning trend wherein a growing number of cloud services were compromised due to attacks against third-party providers. This survey period witnessed a 16% year-over-year increase, with 43% of organizations affected, compared to 37% in the previous year. As the reliance on interconnected systems and outsourcing of services grows, so does the potential for attackers to exploit weak links in the security chain. This underscores the urgent need for organizations to not only fortify their own defenses but also collaboratively work with their third-party providers to implement robust security measures and establish a unified front against threats. Failure to address this issue adequately could have severe consequences for businesses, leading to data breaches, service disruptions and damage to reputation and customer trust.

Another disturbing finding was a 58% rise in firms falling victim to phishing attacks that resulted in stolen employee credentials via cloud services. This surge in phishing-related compromises highlights the escalating risks organizations face in securing their cloud-based infrastructure and underscores the need for robust cybersecurity measures to protect sensitive data and digital assets.

Companies are realizing these realities as they continue to utilize the cloud and plan to make the necessary adjustments going into 2024. According to the report, 83% of firms intend to enforce existing security policies more strictly this year to address their security challenges. Network security was named a primary cybersecurity spending priority, followed closely by identity and access management. Cloud infrastructure security rounded out the top three.

“The shift to the cloud has been a long journey, and attackers are taking advantage now that employees regularly log into multiple cloud services, often from outside the traditional enterprise network perimeter,” said Ariel Tseitlin, partner at Scale Venture Partners. “Without a strong perimeter, identity becomes the most important and effective way to manage security. That’s where companies most devote resources – both human and machine.”

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

LogMeIn Rescue, to the Rescue: Forrester Studies GoTo's Support Capabilities

By: Alex Passett    9/22/2023

Over a period of three years, a Forrester Total Economic Impact (TEI) study examined the business and financial benefits of LogMeIn Rescue, a flagship…

Read More

Canadian Managed IT Services Gear Up for Cybersecurity Awareness Month

By: Contributing Writer    9/22/2023

October, prominently known as Cybersecurity Awareness Month, is an annual observance and an intensified rally for Canada's premier IT service provider…

Read More

ITEXPO Exhibitor RingLogix Looks to TeamMate to Open New Possibilities for MSPs

By: Greg Tavarez    9/21/2023

The RingLogix and TeamMate collaboration enables MSPs to get the most out of Microsoft Teams as a collaboration solution.

Read More

Acronis Introduces Advanced Automation for MSPs

By: Stefania Viscusi    9/21/2023

Acronis Advanced Automation addresses a common challenge faced by MSPs, the increasing complexities businesses face with so many different initiatives…

Read More

Comprehensive Cybersecurity Solutions: Rackspace Taps Palo Alto Networks

By: Alex Passett    9/20/2023

Strengthening organizations' abilities to stay ahead of progressively evolving cyber threats and attackers is key. That's why Rackspace Technology has…

Read More