Over half of organisations suffered cloud cyberattack in last 12 months

Despite more tools and larger budgets, IT teams were slower to detect threats in 2022 than in 2020.

  • 2 years ago Posted in

Netwrix has released its global 2022 Cloud Security Report. It reveals that over half (53 per cent) of organisations experienced a cyberattack on their cloud infrastructure within the last 12 months. Phishing was the most common type of attack, experienced by 73 per cent of respondents. 

The report also notes that the average detection time for most types of attacks has increased since 2020. The most significant slowdown was for supply chain compromise: In 2020, 76 per cent of respondents spotted this type of attack within minutes or hours, but in 2022, only 47 per cent found it that quickly. Ransomware became harder to uncover as well; 86 per cent of organisations needed minutes or hours to detect ransomware in 2020, but in 2022, this share dropped to 74 per cent. 

“Attacks are maturing faster than the expertise, tools and processes defending against them. Organisations are implementing more security controls and spending more money to stay safe — 49 per cent confirmed their cloud security budget increased in 2022,” said Dirk Schrader, VP of Security Research at Netwrix. “But more tools doesn’t always mean more security. Point solutions from different vendors operate separately, offer overlapping or conflicting functionality, and require organisations to deal with multiple support teams. This complexity leads to security gaps. One way to solve this problem is to build a security architecture with a select, smaller group of trusted vendors that develop, offer, and support an extensive portfolio of solutions.” 

In addition, the report finds that breaches are getting costlier. This year, 49 per cent of respondents said that an attack led to unplanned expenses to fix security gaps, up from 28 per cent in 2020. The share who faced compliance fines more than doubled (from 11 per cent to 25 per cent), as did the number who saw their company valuation drop (from 7 per cent to 17 per cent). 

The top three data security challenges named by survey respondents stayed the same from 2020: lack of IT staff, lack of expertise in cloud environments and lack of budget. Money is still an issue for many organisations but the share of those who struggle with this problem dropped from 47 per cent in 2020 to 34 per cent in 2022. 

Other survey findings include: 

80 per cent of organisations that use the cloud store sensitive data there 

More than half (53 per cent) of respondents said security improvement was their main goal for cloud adoption

The majority of respondents who classify their data were able to detect an attack within minutes, while those who don’t classify data usually needed hours or even days 

Auditing of user activity is particularly effective for phishing, ransomware attacks and account compromise, where it reduced detection time from hours to minutes 

“The report reveals that cloud adoption is in full swing: Organisations report that 41 per cent of their workloads are already in the cloud, and they expect that share to increase to 54 per cent by the end of 2023. IT teams are learning how to use the cloud both efficiently and securely as well as train their fellow colleagues similarly. It is time to pay closer attention to security measures that improve the ability to identify, protect against, detect, and respond to threats, in order to reduce both the likelihood and impact of a breach,” adds Schrader. 


Architectural challenges are holding UK organisations back - with just 24% citing having sufficient...
Skillsoft has released its 2024 IT Skills and Salary Report. Based on insights from more than 5,100...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Now Platform unites ASDA’s operations across Technology, Customer, Finance, and Employee...
The 2024 State of Data Intelligence Report finds companies struggling with AI governance more than...
Over a quarter (26%) have already turned to outsourcing as a solution.
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
Research unveils data-driven, condition-based device refresh approach, supported by...