CIO Influence
Analytics CIO Influence News SaaS Security

Suridata Releases Report on Major Risks and Mixed Effectiveness of Countermeasures

Suridata Releases Report on Major Risks and Mixed Effectiveness of Countermeasures

Suridata Logo

Suridata, a leader in SaaS security solutions, is proud to announce the release of its latest trend report. This report provides an in-depth analysis of the current state of SaaS security based on a survey of IT and security professionals, coupled with data from the Suridata platform.

Also Read: The Dynamic Duo: How CMOs and CIOs Are Shaping the Future of Business

Key Findings:

1.  Shadow SaaS: Unmanaged SaaS applications remain a critical blind spot, especially in mid-market companies, where 54% of SaaS applications are unknown or unmanaged.

2.  Widespread SaaS Security Risks: The report reveals that a staggering 88% of organizations have experienced a SaaS breach, despite 41% of respondents rating their SaaS security as “Good” or “Excellent.”

3.  Configuration Issues: Misconfigurations in identity and access control, data and sharing permissions, session management, and password security are prevalent, posing substantial risks.

4.  Inefficient Monitoring: Monitoring of third-party, machine-to-machine SaaS integrations is inadequate, with many organizations relying on periodic manual reviews or “need to” basis assessments.

5.  Mixed Efficacy of Countermeasures: Existing security measures, particularly those addressing third-party integration and machine-to-machine risks, are found to be deficient.

6.  Variations by Organization Size: Mid-market firms (1,000-5,000 employees) face more SaaS security challenges compared to larger enterprises, including higher incidences of Shadow SaaS and unauthorized use of Generative AI tools.

7.  Data Leakage Concerns: Data leakage or loss was cited as the most significant security challenge by 28% of respondents.

Also Read: Top Misconceptions Around Data Operations and Breaking Down the Role of a VP of Data Ops

Executive Summary:

The report emphasizes that SaaS security requires distinct approaches compared to traditional on-premises software. SaaS environments are prone to misconfigurations, unsecure third-party connections, and identity and access management issues. The findings highlight the need for improved security practices and more robust configuration management to safeguard against these risks.

Research Insights:

  • Responsibility for SaaS Security: 49% of respondents indicated that the IT department is responsible for SaaS security, followed by the InfoSec department at 36%.
  • Perception vs. Reality: Despite high self-perceived ratings of SaaS security, the report shows a disconnect with actual breach experiences.
  • Security Measures: IdP/SSO and MFA are the leading security measures, yet 16% of employees still operate without SSO enforcement.
  • Generative AI Usage: The use of Generative AI tools without authorization is highest among mid-market companies.

[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]

Related posts

Open-Source Power Delivery Software Enables Code Integration for USB System Differentiation

CIO Influence News Desk

SolarWinds to Address Overcoming Observability Challenges at Microsoft Ignite 2021

CIO Influence News Desk

Aqara Introduces Smart Door Lock A100 Zigbee with Apple Home Key Support