Cybersecurity vendor, Netwrix has announced the release of its global 2021 Netwrix Cloud Data Security Report. The report is based on feedback from 937 IT professionals worldwide who use private and public cloud services to store their data.
The report reveals that the most common types of cloud security incidents suffered by UK organisations in 2020 were phishing (52%), ransomware or other malware (23%) and account compromise (21%). The latter was the hardest to detect: Over half of respondents needed days (46%) or weeks (5%) to flag the issue. The top three consequences of data breaches were unplanned expenses to fix security gaps (36%), customer churn (14%) and a decrease in new sales (12%).
Respondents from the UK complained that lack of IT staff (63%), lack of budget (51%) and complexity of cloud workloads (50%) hinder security teams from properly securing data in the cloud.
Other survey findings for the UK include:
- 28% of UK organisations needed weeks to discover insider data theft
- 29% required months to recover from data theft caused by hackers
- Employee training is the most common cloud security control, with 86% of organisations conducting periodic training and an additional 4% planning to do so
- UK organisations most commonly allocate 25% of their cybersecurity budget to cloud security
- During the pandemic, 54% of UK organisations had to change their IT priorities but stick to their existing budget. 22% of organisations increased their cybersecurity spending
Ilia Sotnikov, VP of Product Management at Netwrix said, “lack of resources and the complexity of multi-cloud environments make it difficult to build consistent security controls. Experts recommend starting by classifying all data. That way, organisations can ensure they know where their sensitive data resides, apply appropriate controls in accordance with its sensitivity and establish auditing process to detect threats promptly.”
To get the complete findings of the 2021 Netwrix Cloud Data Security Report, visit www.netwrix.com/2021_cloud_data_security_report.html.