Around 37% of Indian orgs experienced data breach in the cloud in 2021 compared to 33% a year before

Although cloud computing is widely used by myriad organisations and is very prevalent, it isn’t without hitches. Lack of proper cybersecurity planning for the cloud applications can make the organisation vulnerable to attacks and data breaches shows a new report. 

Around 37% of organisations from India have experienced a cloud-based data breach or failed audit in the past 12 months, up from the previous year at 33%, states a report by cyber security firm Thales.

Despite the increasing threat, the study points out that 46% of respondents in India said that they store between 21-60% of sensitive data in the cloud.

There has been a notable expansion in the use of multiple Infrastructure as a service (IaaS) providers, with almost three-quarters (72%) of businesses globally using multiple IaaS providers, up from 57% the year before. The use of multiple providers has almost doubled in the last year, with one in five (20%) of global respondents reporting using three or more providers, the study said.

Also read: Firms increasingly vulnerable to supply chain attacks, says study

Despite their increasing prevalence and use, businesses share common concerns about the increasing complexity of cloud services with 40% of IT professionals from India agreeing that it is more complex to manage privacy and data protection in the cloud.

Nearly a third (32%) of respondents worldwide admitted to having to issue a breach notification to a government agency, customer, partner, or employees. This should be a cause for concern among enterprises with sensitive data, particularly in highly regulated industries.

Cyber-attacks also present an ongoing risk to cloud applications and data. Respondents around the globe reported an increasing prevalence of attacks, with a quarter (26%) citing an increase in malware, 25% in ransomware and one-fifth (19%) reporting seeing an increase in phishing/whaling.

Nearly a third (32%) of respondents worldwide admitted to having to issue a breach notification to a government agency, customer, partner, or employees. This should be a cause for concern among enterprises with sensitive data, particularly in highly regulated industries.

The report said that cyber-attacks also present an ongoing risk to cloud applications and data. Respondents around the globe reported an increasing prevalence of attacks, with a quarter (26%) citing an increase in malware, 25% in ransomware and one-fifth (19%) reporting seeing an increase in phishing/whaling.

According to Check Point’s 2022 Cloud Security Report, 27% of organisations have experienced a security incident in their public cloud infrastructure within the last 12 months.

Out of these, nearly a quarter (23%) were caused by security misconfigurations in cloud infrastructure. Other significant contributors to cloud breaches included improper data sharing (15%), compromised accounts (15%), and vulnerability exploitation (14%).

Cloud adoption has grown multifold in recent years. While many organisations were already embracing cloud, the Covid-19 pandemic catapulted the transition. 

As a result, over 98% of organisations use some form of cloud-based infrastructure, and over three-quarters (76%) have multi-cloud deployments composed of services from two or more cloud providers, said Checkpoint. 

However, cloud environments differ significantly from on-prem infrastructure, which means that traditional security tools and approaches do not always work effectively in the cloud, points out Checkpoint.