As more and more businesses move their operations to the cloud, the need for cloud security solutions is growing rapidly. And with the rising data breaches, gaps in security measures are inflicting heavy losses for organizations across the world.
Many industries have regulations that require businesses to protect their data. Cloud security helps in this regard, but most are lagging behind.
We have compiled some of the recent cloud security trends and the numbers that shows the ground reality of today’s cloud security landscape. From cloud adoption statistics to public facing cloud assets exposures, we have covered it all.
35 Cloud Security Statistics You Need Know in 2024
2024 State of Cloud Security Report - Orca
- 81% of organizations have public facing neglected assets with open ports. Attackers routinely scan for open ports and known vulnerabilities, making these assets—which often do not have a patch available—prime targets.
- 84% of organizations have at least one public-facing neglected asset.
- 21% of organizations have at least one public-facing storage bucket with sensitive data. Misconfigurations in sensitive data storage increase the risks of exposed customer data, ransomware, reputational damage, andregulatory penalties.
- 61% of organizations have a root user or account owner without MFA. Because the root user has complete access to all services and resources in the cloud account, it is highly recommended to use MFA as an extra layer of security.
- 82% of organizations have a Kubernetes API server that is publicly accessible. Unrestricted access to the API server opens paths for attackers to reach underlying Kubernetes infrastructure and workloads, which could lead to data exposure and supply chain attacks.
- 59% of organizations still have at least one asset vulnerable to Log4Shell. Despite Log4Shell being discovered 2+ years ago and described as the riskiest zero-day vulnerability in a decade, many organizations have still not completely eradicated the vulnerability from their cloud estate.
- 62% of organizations have severe vulnerabilities in code repositories. These vulnerabilities exist in code that could imminently be pushed to production environments and cause data breaches and system compromises.
- 82% of AWS SageMaker users have a notebook exposed to the internet. Amazon Sagemaker, a cloud-based AI platform, often contains sensitive training data, and bad actors are aware of this. This makes it important to sufficiently protect and limit access to these resources.
Cloud Threat Report 2020 - Oracle & KPMG
- 88% of organizations currently use public cloud infrastructure services.
- 92% of organization has a gap between current and planned cloud usage and the maturity of their cloud security program.
- On average, our research respondents report their organization uses over 100 discrete cybersecurity controls.
- 80% of organizations are now considering buying a significant amount of their cybersecurity technologies from a single vendor.
- 37% of accounts in organizations have overly permissive access rights to data.
- 54% of organization store their cloud secrets in unprotected areas such as public cloud object stores.
- 51% of misconfigured cloud services is due to adoption of multi-factor authentication (MFA) for most critical cloud services.
- 59% of organization with members having privileged cloud accounts have had those credentials compromised by a spear phishing attack.
2023 Cloud Security Study- Thales
- 79% of organizations use multi-cloud environment.
- 55% of organization find securing data in the cloud as a complex process.
- 40% or more of their data in the cloud is of sensitive nature.
- 55% of organization say human error is the leading cause of cloud data breaches.
- Only 2% of organization report 100% encryption of sensitive data in the cloud.
- On average, security teams take 145 hours (approximately 6 days) to resolve a security alert.
- Sensitive data, such as personally identifiable information (PII), financial records, or intellectual property, are found in 66% of storage buckets and 63% of publicly exposed storage buckets.
- 83% of organizations have hard-coded credentials in their source control management systems, and 85% have hard-coded credentials in virtual machines’ user data.
- 76% of organizations don’t enforce MFA for console users, and 58% of organizations don’t enforce MFA for root/admin users.
- 63% of the codebases in production have unpatched vulnerabilities rated High or Critical (CVSS >= 7.0), and 11% of the hosts exposed in public clouds haveHigh or Critical vulnerabilities.
- 61% of cloud accounts have storage buckets that don’t enable access logging.
- 55% of organizations don’t enforce AWS EBS volume encryption.
- 44% of organizations don’t enforce Azure SQL encryption.
- 56% of organizations don’t enforce GCP Kubernetes cluster application-layer secrets encryption.
- 41% of organizations have database services (e.g., SQL Server, MySQL, Redis) exposed to the public internet.
- 73% of organizations have Remote Desktop Protocol (RDP) exposed to the public internet.
Cloud Threat Landscape Report 2021 & 2023- IBM
- Over half of cloud breaches occurred due to shadow IT.
- Cloud vulnerabilities currently totaling over 2,500 vulnerabilities, a 150% increase in the last five years.
- There is a 194% increase of new cloud-related Common Vulnerabilities and Exposures.
Protect Cloud Assets, Discover New Opportunities
Businesses are increasingly using cloud to store their most critical sensitive data and other essential data such as developer’s secrets, business IP, customer data and many more.
To know the real value of these data, intelligence on top of it is required. Unless there is a security-first approach in the organization, gaining real value and context out of your data is tough.
OptIQ Data Security Platform ensures your cloud environment is free from any misconfigurations, gets you real-time alerts for overly-permissive access, monitors your end point security and puts the control of your data back into your hands.
Our platform automatically discovers sensitive data, classifies them into your preferred sensitive categories and puts governance on top of it for easy management of your security posture. Request a demo to understand how OptIQ can help you secure your most critical sensitive data.