sb-as logo
Story image

Check Point releases report on public cloud security challenges

17 Jul 2019

Check Point and Cybersecurity Insiders have released the results of a global Cloud Security Report highlighting the challenges faced by enterprise security operations teams in protecting their public cloud data, systems, and services.

While public cloud providers expand their security services to protect their platforms, it is ultimately the customers’ responsibility to secure their data and applications on those platforms.

While a majority of organisations said their public cloud instances had not been hacked (54%), 25% did not know whether they had experienced a cloud breach, while 15% confirmed they had experienced a cloud security incident.

Key findings of the 2019 Cloud Security Report include: 

  • The top four public cloud vulnerabilities: the leading vulnerabilities cited by respondents were unauthorised cloud access (42%), insecure interfaces (42%), misconfiguration of the cloud platform (40%), and account hijacking (39%). 
     
  • The leading operational cloud security headaches:  security teams struggle with a lack of visibility into cloud infrastructure security and compliance (67% in total). Setting consistent security policies across cloud and on premise environments and a lack of qualified security staff tie for third place (31% each).
     
  • Legacy security tools are not designed for public clouds:  66% of respondents said their traditional security solutions either don’t work at all, or only provide limited functionality in cloud environments. 
     
  • Security challenges inhibit cloud adoption:  the biggest barriers to wider public cloud adoption cited by respondents are data security (29%), risk of compromise (28%), compliance challenges (26%) and a lack of experience and qualified security staff (26%).

“The report’s findings clearly show that enterprise security teams need to urgently reassess their security strategies and address the shortcomings of their legacy security tools to protect their evolving public cloud environments and avoid breaches. 

“With 15% of respondents reporting they’ve had a cloud security incident, criminals are seeking to exploit organisations’ cloud vulnerabilities,” says Check Point cloud product line head Zohar Alon. 

“Enterprises need to get holistic visibility across all of their public cloud environments, supported by cloud-native policy automation, compliance enforcement, privileged identity protection and event analysis, to make their cloud deployments more secure and manageable.” 

The 2019 Cloud Security Report is based on the results of a comprehensive online survey of 674 cybersecurity and IT professionals, conducted in Spring 2019 to gain deep insight into the latest trends, key challenges and solutions for cloud security across a balanced cross-section of organisations of varying sizes across multiple industry sectors. 

The survey was done by Cybersecurity Insiders, the 400,000-member information security community.

Download image
Equinix study: Firms turn to NFV to support distributed networks
Decision-makers looking for a solution that virtualises a wide range of network functions should evaluate NFV, study finds.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
Just one click – that’s all it takes to let in cyber-crime
So how do organisations ensure that users are not compromised by simply doing their work?  The answer is surprisingly simple, writes Bufferzone Security business strategist for A/NZ Greg Wyman.More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Story image
Microsoft brings endpoint & Azure security under Microsoft Defender
Microsoft Defender brings Microsoft 365 Defender and Azure Defender under the same umbrella.More
Story image
Phishing scam imitates SharePoint & OneNote for nefarious clicks
Sophos researchers say that the attackers take a slightly different approach to the standard ‘fake login’ phishing email.More