Reliance on cloud a major factor as work-from-home era continues
An overwhelming percentage (90%) of cyberattacks on cloud environments in the last 12 months involved compromised privileged credentials, according to new research from Centrify, a leading provider of modern privileged access management (PAM) solutions. The new study, which surveyed 150 IT decision makers across the U.S., found that 65% of respondents saw attempted attacks on their cloud environments, and 80% of those participants’ cloud environments were successfully compromised.
To identify how reliance on the cloud and resulting risks around this attack surface have progressed a year into the work-from-home era, Centrify partnered with CensusWide to survey these experts. It quickly became evident that the reliability, availability, and scalability afforded by the cloud have become critical to keep organizations up and running, and cybercriminals are taking notice.
While the majority (63%) of respondents had the foresight to make the move to cloud 3-5 years ago, one-quarter (25%) of respondents just began their cloud transition in the last two years. Nearly a third (31%) utilize hybrid and multi-cloud environments, while 45% take a private cloud-only approach, and 23% rely on public cloud. Availability was resoundingly the top cloud benefit amongst respondents (46%), followed by collaboration (28%), cost savings (15%), and scalability (9%).
Despite the prevalence of cyberattacks targeting the cloud, managing multi-cloud environments was identified as the greatest cloud transition challenge (36%), followed by cybersecurity risks and cloud migration (both 22%).
In addition, 19% cited maintaining compliance in the cloud as an ongoing issue.
“Cybercriminals are capitalizing on our reliance on the cloud, and they’re no longer just hacking in. They’re logging in,” said Art Gilliland, CEO, Centrify. “With almost all of the attacks on the cloud caused by stolen privileged credentials, the security stack must include a centralized PAM solution architected in the cloud, for the cloud. This approach will minimize the attack surface and control privileged access to hybrid environments, even as it evolves post-COVID-19.”