Download the 2020 Cloud Threat Protection Report by completing the form on the right.
As remote working continues and the adoption of cloud apps and services increase, assessing the state of cloud threat protection is the focus of this report. The most interesting highlight from the results is the gap between what IT estimates for cloud apps and services in use and the reality of what business units and users have freely adopted. While the survey was taken in April during the pandemic and VPN use was ranked high in the survey results, we suspect the adoption of private access cloud hosted solutions providing zero trust network access (ZTNA) are in the works as we profiled in the CSI 2020 Zero Trust Report.
More than half surveyed are using on-premises defenses for cloud protection, this combined with high VPN use results in backhauling, or hair pinning traffic back to data centers. With most organizations experiencing nearly 70% of employees working remotely, the quest for direct-to-cloud solutions that secure web traffic, SaaS apps, public cloud use, and private apps hosted in the cloud with ZTNA-based private access are desired.
Companies are also finding allow/deny defenses struggle with cloud threat and data protection where data context is required, often including instance and activity to determine granular policy controls when cloud use is allowed.
The use of cloud apps and services continues to grow where now more than half of web traffic sessions are related to cloud apps and services. This creates a new cyber terrain for threat enablement such as cloud phishing and cloud threat delivery as attacks leverage trusted domains, valid certificates, and the practice of white listing of managed app suites in the guise of a better user experience, however, at the expense of cloud threat protection.
SaaS is now the number one target based on the latest APWG Phishing Trends Report, and
cloud-based data theft, exfiltration and exposure are top-ranked concerns from our CSI 2020 Data Security report. Cloud hosting is the top rated app category for threats, often within managed app suites, just one more data point to apply cloud threat protection to both managed and unmanaged cloud use.
So mind the gap between on-premises defenses and the adoption of ‘in the cloud’ solutions
taking note to assess ‘for the cloud’ capabilities for threat and data protection. We are in an era of security transformation where the rules are changing with more data and users increasingly outside our data centers and legacy controls.
Many thanks to Netskope for supporting this important research project. We hope you’ll find this report informative and helpful as you continue your efforts in protecting