Multiple providers, ‘cloud data sprawl’ make managing cloud data risk a priority initiative within the next 12 months.
Cyera, the cloud data security company, released the results of a survey of 200 cybersecurity professionals that found 33% of organizations want to minimize cloud data risk and 48% want to improve governance or policy management of cloud data access.
Cyera’s survey polled nearly 200 cybersecurity professionals on their security focus areas for the next 12 months and found that:
- 43% prioritize data protection in their public cloud infrastructure as a top priority.
- 31% rank discovering and classifying cloud data a priority.
- 35% utilize at least two public cloud providers from a list that included Amazon Web Services, Google Cloud, Microsoft Azure, Alibaba, IBM and Oracle; 17% of respondents rely on three or more.
Latest ITechnology News: Fivetran Announces Global Partner Reseller and Certification Programs
“The survey data affirms that security teams are struggling to keep pace with data proliferation across their cloud environments,” said Yotam Segev, Cyera co-founder and CEO. “The cloud provides obvious business advantages, but the sheer volume of data moving to the cloud, lack of visibility and the use of multiple cloud service providers all increase the threat surface exponentially.”
Migrating to the cloud can cut operating costs by nearly 40%. It also boosts development agility, reduces time spent maintaining traditional IT infrastructure, and offers flexibility and scalability benefits over traditional on-premises infrastructure. But cloud providers only offer limited visibility into what data customers have, how sensitive it is, and how to improve the security and risk posture of that data across their cloud estate. This results in greater cyber-resilience and compliance risks stemming from exposed sensitive data, overly permissive access, and free movement of data between environments and individuals.
Common examples include sensitive data in non-production environments, customer and employee personally-identifiable information that is accessible to users that have no business justification to access them, and poor backup management. In the latter case, a business may believe that they no longer have a reason to manage data from a given application and decommission the cloud data stores associated with it.
Latest ITechnology News: NTT Unveils Sustainability as a Service to Help Organizations Achieve Net-Zero Goals
Recently, Cyera found ghost data in over 30% of cloud data stores. These are typically found in non-production environments that are not secured with the same rigor as a production environment, where sensitive data they contain is more susceptible to inadvertent disclosure or exfiltration. They also represent a potential GDPR (EU General Data Protection Regulation) violation, because maintaining personal data when there is no longer a business purpose to maintain it violates the statute.
“Cloud data security requires a new approach to addressing the secular growth in data volumes, cloud migration, and risks posed by data regulation and cyber attackers,” said Phillipe Botteri, partner at Accel. “CISOs and security teams are in need of rapidly-deployable, comprehensive and innovative solutions.”
Cyera is purpose-built to deliver protection for cloud data and provide complete, detailed context on data, access and identities. Intelligent and context-rich, the platform creates a bridge between business imperatives and security controls. With Cyera, security teams can reduce access risk, contain data sprawl and ensure encryption from a unified view that provides continuous visibility without impacting security or performance. Cyera empowers customers to realize the speed and scale that the cloud promises, allowing their teams to innovate and build value with security as an enabler.
Latest ITechnology News: Evocative Closes INAP Data Center Asset Acquisition
[To share your insights with us, please write to sghosh@martechseries.com]