Cloud and mobile are the weakest links

Third instalment of 2019 Security Report highlights the cloud and mobile attack vectors used to target enterprises: nearly 1 in 5 organizations experienced a cloud security incident in the past year.

  • 5 years ago Posted in
Check Point® Software Technologies  has published the third instalment of its 2019 Security Report.  It highlights how threat actors are increasingly targeting the weakest, least protected points in an organization’s IT infrastructure – their public cloud and mobile deployments. 

 

The third instalment of the 2019 Security Report reveals the key cyber-attack trends used by criminals to target enterprise cloud and mobile estates during 2018. It also reveals enterprise IT and security teams’ key security concerns about these deployments. Highlights of the third instalment include:

 

·         18% of organizations globally had a cloud security incident in the past year:  the most common incident types were data leaks / breaches, account hijacks, and malware infections.

 

·         The top four public cloud security threats:  IT professionals rated misconfiguration of cloud platforms, leading to data loss or breaches as the biggest threat, cited by 62%; followed by unauthorized access to cloud resources (55%); insecure interfaces and APIs (50%); hijacking of accounts or data traffic (47%).

 

·         30% of IT professionals still consider security is the responsibility of the cloud service providerthis worrying finding negates recommendations that cloud security should follow the mutual responsibility model, in which security is shared by both the cloud provider and the customer.

 

·         59% of IT professionals do not use mobile threat defences:  a majority of organizations have not deployed mobile security solutions capable of detecting leading threats including mobile malware, fake or malicious apps, man-in-the-middle attacks and system vulnerabilities.

 

·         Only 9% of IT professionals consider threats on mobile a significant security risk:  yet malware can propagate from unprotected mobile devices to organizations’ cloud- or on-premise networks, exploiting this weak link in enterprise security defences.

 

The third instalment of our 2019 Security Report shows just how vulnerable organizations are to attacks targeting their cloud and mobile estates, because there is a lack of awareness of the threats they face and how to mitigate them.  As nearly 20% or organizations have experienced a cloud incident in the past year, it’s clear that criminals are looking to exploit these security gaps,” said Zohar Alon, Head of Cloud Product Line, Check Point Software Technologies.  “By reviewing and highlighting these developments in the Report, organizations can get a better understanding of the threats they face, and how they prevent them impacting on their business.”
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...