Netwrix has revised its annual Cloud Data Security Report reflecting the recent unprecedented changes due to the global shift to remote work when many organizations had to quickly adopt cloud technologies.
The California-based IT security software company surveyed 937 IT professionals worldwide.
The survey showed that fewer organizations are storing data in the cloud than last year. In 2020, only 46% stored non-sensitive data in the cloud, while in 2019, – 57% of respondents. The researchers saw the same trend with customer data: the number of organizations that stored such data in the cloud dropped from 50% to 44%.
The researchers say the reason may be that organization were quick to realize the dangers of keeping their data in the cloud in uncertain times and pulled it out:
“It seems that after some organizations dipped their toes into the cloud by putting sensitive and non-sensitive data there, they reassessed their risks and needs and pulled it back.”
The research further showed 54% of organizations that stored customer data in the cloud had security incidents in the past 12 months, compared to 77% in 2019.
Meanwhile, the majority of financial institutions still store customer data in the cloud (53%), and 35% store financial data there.
In 2020, the most common attacks financial organizations faced were phishing attacks (26% of respondents), targeted attacks on cloud infrastructure (22%), and ransomware attacks (15%).
Among organizations that experienced a data breach, 20% had to cover unplanned expenses to fix security gaps, 19% faced compliance fines and 17% experienced customer churn.
According to the report, 59% of financial organizations consider themselves understaffed and name insufficient IT and security teams, lack of expertise in cloud security (44%) and employee negligence (37%) as major reasons for security breaches in the cloud.
In addition, attacks on cloud infrastructure took the longest to detect and resolve – 41% of financial organizations needed days or weeks to discover the incident, and 38% spent days or weeks to respond.