Surge in Cloud Service Attacks Leaves Security Leaders Concerned About Vulnerabilities

Surge in Cloud Service Attacks Leaves Security Leaders Concerned About Vulnerabilities

By Greg Tavarez

Chief information security officers (CISOs), security analysts, and their dedicated teams have encountered a surge in security incidents, presenting unprecedented challenges to safeguarding digital assets. The mounting frequency and complexity of cyberattacks have necessitated swift and innovative responses, but these efforts are impeded by an ongoing struggle to address talent shortages in the cybersecurity workforce.

Simultaneously, the complexity of cyberattacks has been on the rise, posing new threats and increasing the need for robust defensive strategies. To make matters worse, the global geopolitical landscape remains tense. A weakening social fabric, the proliferation of disinformation and mounting economic anxiety have all contributed to an atmosphere of heightened uncertainty and risk.

CISOs find themselves climbing what appears to be a never-ending mountain. To gain better insight on this issue, Scale Venture Partners conducted comprehensive research. Their mission is to stay informed about the evolving solutions in the field of cybersecurity.

In this year’s report, security leaders shared that although the number of successful ransomware attacks and data breach attempts fell by 30% over the last year, the number of reported security incident types at organizations increased. In fact, 71% of organizations experienced three or more types of security incidents, a 51% increase year-over-year, according to the report.

Among the incidents reported, cloud service attacks emerged as the most prevalent type of incident faced by organizations in the past 12 months. Alarmingly, half of the organizations experienced at least one attack targeting a cloud service during this period. Organizations rely more heavily on cloud services for storage, communication and other crucial functions. It is important for them to secure these environments, as the consequences of a successful attack can be detrimental to an organization's reputation, financial stability and overall business continuity.

The study also revealed a concerning trend wherein a growing number of cloud services were compromised due to attacks against third-party providers. This survey period witnessed a 16% year-over-year increase, with 43% of organizations affected, compared to 37% in the previous year. As the reliance on interconnected systems and outsourcing of services grows, so does the potential for attackers to exploit weak links in the security chain. This underscores the urgent need for organizations to not only fortify their own defenses but also collaboratively work with their third-party providers to implement robust security measures and establish a unified front against threats. Failure to address this issue adequately could have severe consequences for businesses, leading to data breaches, service disruptions and damage to reputation and customer trust.

Another disturbing finding was a 58% rise in firms falling victim to phishing attacks that resulted in stolen employee credentials via cloud services. This surge in phishing-related compromises highlights the escalating risks organizations face in securing their cloud-based infrastructure and underscores the need for robust cybersecurity measures to protect sensitive data and digital assets.

Companies are realizing these realities as they continue to utilize the cloud and plan to make the necessary adjustments going into 2024. According to the report, 83% of firms intend to enforce existing security policies more strictly this year to address their security challenges. Network security was named a primary cybersecurity spending priority, followed closely by identity and access management. Cloud infrastructure security rounded out the top three.

“The shift to the cloud has been a long journey, and attackers are taking advantage now that employees regularly log into multiple cloud services, often from outside the traditional enterprise network perimeter,” said Ariel Tseitlin, partner at Scale Venture Partners. “Without a strong perimeter, identity becomes the most important and effective way to manage security. That’s where companies most devote resources – both human and machine.”

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

ServiceNow Transforms the Employee Experience with Additions to Now Platform

By: Greg Tavarez    5/20/2024

ServiceNow announced the addition of new automation solutions to the Now Platform to transform the employee experience and simplify work across the en…

Read More

ICYMI: News Around the MSP Industry

By: Greg Tavarez    5/17/2024

Here are a few articles compiled into one for readers interested in developments around the MSP space.

Read More

Wildix UK and Ireland Shake Up Leadership for Growth and Innovation

By: Greg Tavarez    5/16/2024

Wildix announced a strategic leadership transition designed to propel the company's market growth.

Read More

Are Resellers Leaving Money on the Table?

By: Special Guest    5/16/2024

The expert and correct installation of network infrastructure and other components is crucial to every IT project's success, adding tangible value by …

Read More

Bitwarden's New Standalone App Makes Two-Factor Authentication Simple

By: Greg Tavarez    5/15/2024

Bitwarden recently launched a standalone app for two-factor authentication to protect online services and applications from unauthorized access.

Read More