Ermetic, the cloud infrastructure security company, today announced the results of a research study conducted by global market intelligence firm IDC which found that 98% of the companies surveyed had experienced at least one cloud data breach in the past 18 months compared to 79% last year. Meanwhile, 67% reported three or more such breaches, and 63% said they had sensitive data exposed.
According to the 200 CISOs and other security decision makers who participated in the survey, nearly 60% consider lack of visibility as well as inadequate identity and access management a major threat to their cloud infrastructure. They cited access risk and infrastructure security among their top cloud security priorities for the next 18 months. Meanwhile, 85% of organizations said they plan to increase their security spending this year, with a significant portion being allocated to cloud infrastructure security.
A full copy of the report is available here.
"Even though nearly 70% of companies invest more than 25 hours a week on cloud identity management, the survey found that 83% had at least one access-related cloud data breach," said Shai Morag, CEO of Ermetic. "In fact, almost 60% of organizations said they consider lack of visibility and inadequate IAM security a major threat to their cloud infrastructure."
An effective cloud infrastructure security strategy must focus on identities, permissions and entitlements to truly protect against risk. While many companies are using commercial -- and even free -- cloud provider tools to address their cloud security needs, these typically lack granular visibility and analytic capabilities. As a result, they are unable to capture and unravel the privileges attached to human and machine identities, and lack the automation needed to remediate problems at scale and implement least privilege.
As part of the study commissioned by Ermetic, IDC surveyed 200 senior IT security decision makers in the US across the Banking & Insurance (13%), Healthcare (11%), Pharmaceuticals (12%), Manufacturing (11%), Retail (11%), Software Development (11%) and other (31%) sectors. Organizations ranged in size from 1,500 to more than 20,000 employees. Some of the report's key findings include:
A visual representation of the survey findings is available here.
Ermetic helps prevent breaches by reducing the attack surface of cloud infrastructure and enforcing least privilege at scale in the most complex environments. The Ermetic SaaS platform is an identity-first security solution that provides holistic, multi-cloud protection using advanced analytics to continuously analyze and remediate risks associated with permissions, configurations and behavior across the full cloud infrastructure stack. The company is led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Glilot Capital Partners, Norwest Venture Partners and Target Global. Visit us at https://ermetic.com/ and follow us on LinkedIn, Twitter and Facebook.
These press releases may also interest you