Cloud account compromises are costing organizations millions each year


Dealing with compromised cloud accounts is becoming even more expensive: new research from Proofpoint and Ponemon Institute has revealed that cloud account compromises cost organizations over $6m each year.

To compile their new report titled “The Cost of Cloud Compromise and Shadow IT”, the cybersecurity firm and IT security research organization surveyed more than 600 IT and IT security professionals across the US.

Of those surveyed, 68 percent said they believe cloud account takeovers present a significant security risk to their organizations, with more than half indicating that both the frequency and severity of cloud account compromises have increased over the last 12 months.

Larry Ponemon, chairman and founder of the Ponemon Institute, warned in a press release against the increased security risks that have come with growing SaaS adoption, saying:

“This research illustrates that leaving SaaS security in the hands of end-users or lines of business can be quite costly. Cloud account compromises and sensitive information loss can disrupt business, damage brand reputation, and cost organizations millions annually.”

SaaS security

According to 86 percent of respondents, the annual cost of cloud account compromises is now over $500k, with those surveyed reporting an average of 64 compromised accounts each year. Of these compromised accounts, 30 percent expose sensitive data, putting employees and their organization at risk of cyberattacks.

Nearly 60 percent of respondents indicated that Microsoft 365 and Google Workspace accounts are heavily targeted by brute force and phishing-based cloud attacks. Overall, though, more than 50 percent of those surveyed say phishing is the most frequent method used by cybercriminals to acquire legitimate cloud credentials.

At the same time, shadow IT is creating substantial risk for organizations, as employees are still using cloud apps and services that have not been approved by their organization's IT department. The increased use of online collaboration software and messaging tools to share sensitive information, along with the move to the cloud and more employees working from home, is also putting organizations at greater risk.

Tim Choi, VP of product marketing at Proofpoint, explained how SaaS security can no longer be overlooked as organizations move their workloads to the cloud and adopt hybrid working models, saying:

“SaaS security simply cannot be an afterthought given the high cost of cloud account compromise and today’s heightened hybrid working environment. The move to the cloud and increased collaboration requires a people-centric security strategy backed by a cloud access security broker (CASB) solution that is integrated with a larger cloud, email, and endpoint security portfolio. Such an approach effectively addresses concerns like cloud account compromise, unauthorized access to cloud data, and cloud application governance. Organizations need clearly defined roles, established accountability, and a CASB solution that can be operationalized in hours—not weeks.”  

Anthony Spadafora
