Cloud data breaches are becoming a serious threat for businesses everywhere

SaaS applications are the biggest target (31%), followed by cloud storage (30%), and Cloud Management Infrastructure (26%) categories. This share also makes sense knowing how organizations use the cloud. Two-thirds (66%) are using more than 25 SaaS applications, and almost half (47%) of the data they’re using is labeled ‘sensitive’. At the same time, data encryption rates remain low, with less than 10% of enterprises encrypting 80% or more of their sensitive cloud data. 

Human error and misconfiguration

When discussing the causes of these incidents, Thales found human error and misconfiguration continues being the biggest issue with cloud-based solutions (31%), followed by exploiting known vulnerabilities (28%), and failing to use multi-factor authentication (MFA - 17%).

All of this has forced organizations to be more proactive when it comes to defending their cloud premises, and to invest more in cybersecurity. Many are now focused on “digital sovereignty”, and on refactoring applications to “logically separate, secure, store, and process” cloud data. 

The number one motivation behind digital sovereignty was future-proofing cloud environments (31%), followed by adhering to regulations (22%).

“As the cloud attack surface expands, organizations must get a firm grasp on the data they have stored in the cloud, the keys they’re using to encrypt it, and the ability to have complete visibility into who is accessing the data and how it being used,” said Sebastien Cano, Senior Vice President for Cloud Protection and Licensing activities at Thales.

“It is vital to solve these challenges now, especially as data sovereignty and privacy have emerged as top concerns in this year’s research.”

More from TechRadar Pro

• Cloud changes are to blame for nearly all cyber-attacks
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now