Cloud Risk Report 2019: More Data Exposed, More Threats Events Detected

Cloud services are accelerating agility and collaboration and generating cost-efficiencies for government agencies. But as the public sector takes more and more advantage of the cloud, it’s important not to forget the data. In SaaS environments, agencies own the security of that data and need to access it appropriately. When using IaaS or PaaS, government is also responsible for the security of those workloads and the correct configuration of the underlying application and infrastructure components.

It’s not an easy task, and a new report from DLT partner, McAfee, which uncovers the scale of risk in the cloud suggests that many cloud services are increasingly exposed to security threats.

For example, significant exposure is created by the huge increase of sensitive data stored in the cloud, driven largely by the rising popularity of Office 365. You can also bet that your IaaS/PaaS is misconfigured, resulting in a growing number of access events. Finally, threat events in the cloud are ballooning. The number of compromised cloud accounts and insider threats has increased year-over-year by more than 27%.

Here are some key facts from this year’s report:

Sensitive data stored and shared (inadvertently) in the cloud is increasing:

• Nearly a quarter of data (21%) in the cloud is sensitive and sharing of that data has increased 53% year-over-year.
• Sharing sensitive data with an open, publicly accessible link has increased by 23% over the past two years.
• Today, 20% of all sensitive data in the cloud runs through email services like Exchange Online in Office 365, a volume which has increased 59% in the past two years.

Cloud misconfigurations expose organizations to risk:

• Organizations have an average of at least 14 misconfigured IaaS instances running at any given time, that’s an average of 2,269 misconfiguration incidents per month.
• 5.5% of all AWS S3 buckets are misconfigured to be publicly readable.

Most threats to data in the cloud result from compromised accounts and insider threats:

• Threat events in the cloud, i.e. compromised account, privileged user, or insider threat have increased 27.7% year-over-year.
• 80% of organizations will experience at least one compromised account threat in the cloud each month.
• 92% of organizations currently have stolen cloud credentials for sale on the Dark Web.
• Threats in Office 365 have grown by 63% in the last two years.

What can government organizations do to protect their cloud services, data, and accounts? McAfee has three recommendations to share that will assist with your cloud security strategy. Check them out on page 18 of the Cloud Adoption and Risk Report 2019.