Shadow Data Concerns, Public Cloud Breaches Remain Sky-High: Here’s How Organizations Can Protect Themselves

By Andy Smith
998

By Andy Smith, Chief Marketing Officer, Laminar

The same technologies powering cloud transformation and data democratization are also introducing the greatest risks to data security, data privacy and data governance professionals.

Right now, we’re in the midst of cloud data’s Gilded Age. Data scientists and developers are spinning up new datastores in seconds to make data more accessible, do more with data analytics, and better harness its overall value. However, the increasing adoption of cloud data storage technologies, the sheer proliferation of data, death of the traditional perimeter, and faster rate of change has created an increased pressure on data security teams.

The dark side of the cloud’s Gilded Age is a new threat vector called, “the innovation attack surface.” Unlike traditional threat vectors, the innovation attack surface is largely caused by accident. When developers and data scientists spin up new data stores at the click of a button to out innovate their competition, it’s easy for IT and security teams to lose track of where the data lands. This unknown or “shadow” data is a hot target for cyberadversaries because it is not governed or under the same security controls as the known production datastore.

To gain a deeper understanding of the innovation attack surface and shadow data’s overall impact on organizations today, Laminar released its second annual State of Public Cloud Data Security Report.

Here’s what we found:

Cloud Data Breaches Are on the Rise

Three out of four respondents reported a cloud data breach in 2022, up from one in two in last year’s State of Public Cloud Data Security Report. For those who were impacted by a breach, 79% of respondents were aware that data had been exfiltrated or leaked compared to 58% from the year before.

It’s clear that organizations’ current strategy of “getting to the cloud or bust” without implementing next-generation data security controls isn’t working. Without change, this problem is not slowing down. Traditional approaches are clearly not working.

Why Data is Being Left in the Shadows

Despite 86% of respondents claiming to have increased visibility of cloud data, an impressive 93% of data security and governance professionals remain concerned about shadow data. Respondents also named  shadow data as the No.1 challenge to protecting data in the cloud, up from No.3 last year.

Why the contradiction? You don’t know what you don’t know. The divergence between agile cloud data activities that contribute to innovation and the static and manual data security activities intended to protect the business have led to what is known as the “security execution gap.” In layman’s terms, it just means that the smartest people in the business are working very quickly, and IT and security teams are still using manual or old tools that are not agile and not dynamic enough to keep up with the pace of change in the cloud.

It’s easy to create shadow data with just a few clicks. Shadow data results from companies of production data left behind in development and/or test environments. It may linger in the ether for weeks, months, or even years before being accessed by potential threat actors if left undiscovered and not addressed.

Sunnier Days are Ahead for Organizations Seeking Modern Security Solutions

When it comes to cloud data security, it’s not all doom-and-gloom. Thankfully, corporate leaders are starting to realize the need for a data-centric approach and that new, cloud-native, solutions are available. Some of the best news to come from the survey is the fact that 92% of respondents stated the rise in cloud data breaches has convinced executive-level leadership to purchase cloud-native security platforms, up 50% from last year. This is reinforced by the fact that 66% of organizations have increased security budgets by 41%-or-more in the past year.

It’s very good news that a whopping 97% of organizations now have a dedicated data security team — up from 58% last year.

Security professionals are also now much more aware of solutions to help. Almost all (92%) of respondents had heard about data security posture management (DSPM) solutions, and want the following capabilities from tools on the market:

  • Autonomous scanning (71%)

  • Dynamic and performant (63%)

  • Asynchronous operations (54%)

  • Agentless architecture (53%)

Just like in the industrial Gilded Age, the cloud’s Gilded Age brings both pros and cons. To thrive in today’s threat landscape, organizations need best-in-breed cloud-native security platforms that provide autonomous and agentless discovery, classification, and protection across multi-cloud architecture. Only then will data security professionals be equipped to reduce the innovation attack surface while still encouraging the activities that bring value back to the business.

Author’s bio: Andy is a veteran of 30+ years in the high-tech industry in Silicon Valley. He has spent the last 20 years in security, currently as CMO at cloud data security provider Laminar and previously as CMO at SaaS security innovator Qualys.  Prior to that Andy was SVP of Marketing for identity provider Centrify and Sr Director of Product Management for Oracle responsible for their identity & security offerings. Andy is a veteran of several security startups including VP of Product Management at Bitzer Mobile that was acquired by Oracle and GRC provider Virsa Systems that was acquired by SAP. Andy’s security background includes stints at ActivIdentity and Veridicom. Andy has a MBA from Santa Clara University and Bachelor’s in Mathematics from Occidental College.

LinkedIn social: https://www.linkedin.com/in/andysmithcmo/

Twitter social: https://twitter.com/laminarsec/

Ad

No posts to display