Survey: Organizations Increase Risk with Over Reliance on Cloud Vendors for Security
June 25 2019 - 8:30AM
Business Wire
CyberArk Report Shows 75 Percent of
Organizations Rely Primarily on Cloud Providers to Protect Their
Workloads
According to a new survey from CyberArk (NASDAQ: CYBR), as
global organizations increasingly move critical applications,
regulated customer data and development work into public cloud
environments, 36 percent say the number one benefit for moving
workloads to the cloud is to offload security risk. This is despite
many public cloud providers providing straightforward guidance on
their shared responsibility models for security and compliance in
cloud environments.
The results are part of the newly-released CyberArk Global
Advanced Threat Landscape Report 2019: Focus on Cloud.
“The risks caused by a lack of clarity about who is responsible
for security in the cloud is compounded by an overall failure by
organizations to secure privileged access in these environments,”
said Adam Bosnian, executive vice president, global business
development, CyberArk. “Despite the often sensitive and highly
regulated data being stored in the cloud, it was surprising to see
that less than half of organizations don’t have a strategy in place
for securing privileges in the cloud, a finding that remains
unchanged since our last report.”
As organizations utilize the cloud to accelerate digital
transformation, there must be greater awareness of where potential
security risks exist:
- 49 percent of respondents migrate business critical
applications (i.e., ERP, CRM or financial management) into the
public cloud
- 45 percent store customer data subject to regulatory oversight
in the public cloud.
- 39 percent use the public cloud for internal development,
including DevOps
- 75 percent rely on the cloud provider’s built-in security,
despite half (50 percent) of this number recognizing cloud
providers’ built-in security is not sufficient
Privileged Access is the Greatest Cloud Security
Concern
According to the survey, the greatest security concerns in
public cloud usage are:
- Insiders, partners and contractors with privileged access (46
percent)
- Unauthorized access to cloud management consoles (46
percent)
- Shared credentials across compute, storage or application
instances (44 percent)
The problem becomes critical when unsecured and unmanaged
credentials provide privileged access, which can enable attackers
to escalate privileges and gain elevated access within cloud
infrastructure. According to the survey:
- A majority of organizations (62 percent) are unaware that
credentials, secrets and privileged accounts exist in IaaS and PaaS
environments
- Only 49 percent currently have a privileged access security
strategy in place for cloud infrastructure and workloads
The findings are part of an early look at the CyberArk Global
Advanced Threat Landscape Report 2019. To download a copy of the
report focused on the current state of cloud security, please
visit: http://www.cyberark.com/TL19cloud
About CyberArk
CyberArk (NASDAQ: CYBR) is the global leader in privileged
access security, a critical layer of IT security to protect data,
infrastructure and assets across the enterprise, in the cloud and
throughout the DevOps pipeline. CyberArk delivers the industry’s
most complete solution to reduce risk created by privileged
credentials and secrets. The company is trusted by the world’s
leading organizations, including more than 50 percent of the
Fortune 500, to protect against external attackers and malicious
insiders. A global company, CyberArk is headquartered in Petach
Tikva, Israel, with U.S. headquarters located in Newton, Mass. The
company also has offices throughout the Americas, EMEA, Asia
Pacific and Japan. To learn more about CyberArk, visit
www.cyberark.com, read the CyberArk blogs or follow on Twitter via
@CyberArk, LinkedIn or Facebook.
Copyright © 2019 CyberArk Software. All Rights Reserved. All
other brand names, product names, or trademarks belong to their
respective holders.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20190625005274/en/
Media Relations Contacts: Brian Merrill, fama PR Phone:
+1-617-986-5005 Email: cyberark@famapr.com
Liz Campbell, CyberArk Phone: +1-617-558-2191 Email:
press@cyberark.com
Investor Relations Contact: Erica Smith, CyberArk Phone:
+1 617-630-6426 Email: ir@cyberark.com
CyberArk Software (NASDAQ:CYBR)
Historical Stock Chart
From Mar 2024 to Apr 2024
CyberArk Software (NASDAQ:CYBR)
Historical Stock Chart
From Apr 2023 to Apr 2024