Despite more tools and larger budgets, IT teams were slower to detect threats in 2022 than in 2020
Netwrix, a cybersecurity vendor that makes data security easy, today announced the release of its global 2022 Cloud Security Report. It reveals that over half (53 per cent) of organisations experienced a cyberattack on their cloud infrastructure within the last 12 months. Phishing was the most common type of attack, experienced by 73 per cent of respondents.
The report also notes that the average detection time for most types of attacks has increased since 2020. The most significant slowdown was for supply chain compromise: In 2020, 76 per cent of respondents spotted this type of attack within minutes or hours, but in 2022, only 47 per cent found it that quickly. Ransomware became harder to uncover as well; 86 per cent of organisations needed minutes or hours to detect ransomware in 2020, but in 2022, this share dropped to 74 per cent.
“Attacks are maturing faster than the expertise, tools and processes defending against them. Organisations are implementing more security controls and spending more money to stay safe — 49 per cent confirmed their cloud security budget increased in 2022,” said Dirk Schrader, VP of Security Research at Netwrix. “But more tools doesn’t always mean more security. Point solutions from different vendors operate separately, offer overlapping or conflicting functionality, and require organisations to deal with multiple support teams. This complexity leads to security gaps. One way to solve this problem is to build a security architecture with a select, smaller group of trusted vendors that develop, offer, and support an extensive portfolio of solutions.”
In addition, the report finds that breaches are getting costlier. This year, 49 per cent of respondents said that an attack led to unplanned expenses to fix security gaps, up from 28 per cent in 2020. The share who faced compliance fines more than doubled (from 11 per cent to 25 per cent), as did the number who saw their company valuation drop (from 7 per cent to 17 per cent).
The top three data security challenges named by survey respondents stayed the same from 2020: lack of IT staff, lack of expertise in cloud environments and lack of budget. Money is still an issue for many organisations but the share of those who struggle with this problem dropped from 47 per cent in 2020 to 34 per cent in 2022.
Other survey findings include:
- 80 per cent of organisations that use the cloud store sensitive data there
- More than half (53 per cent) of respondents said security improvement was their main goal for cloud adoption
- The majority of respondents who classify their data were able to detect an attack within minutes, while those who don’t classify data usually needed hours or even days
- Auditing of user activity is particularly effective for phishing, ransomware attacks and account compromise, where it reduced detection time from hours to minutes
“The report reveals that cloud adoption is in full swing: Organisations report that 41 per cent of their workloads are already in the cloud, and they expect that share to increase to 54 per cent by the end of 2023. IT teams are learning how to use the cloud both efficiently and securely as well as train their fellow colleagues similarly. It is time to pay closer attention to security measures that improve the ability to identify, protect against, detect, and respond to threats, in order to reduce both the likelihood and impact of a breach,” adds Schrader.
Netwrix makes data security easy, thereby simplifying how professionals can control sensitive, regulated and business-critical data, regardless of where it resides. More than 11,500 organisations worldwide rely on Netwrix solutions to secure sensitive data, realise the full business value of enterprise content, pass compliance audits with less effort and expense, and increase the productivity of IT teams and knowledge workers.
Founded in 2006, Netwrix has earned more than 150 industry awards and been named to both the Inc. 5000 and Deloitte Technology Fast 500 lists of the fastest growing companies in the U.S.