Almost 80 percent of companies have had a cloud data breach in the past 18 months

A new survey finds that 79 percent of companies experienced at least one cloud data breach in the past 18 months, and close to half (43 percent) reported 10 or more breaches.

The study for cloud access risk security company Ermetic conducted by IDC  covered 300 CISOs and finds that security misconfiguration (67 percent), lack of adequate visibility into access settings and activities (64 percent) and identity and access management (IAM) permission errors (61 percent) are the top concerns associated with cloud production environments.

"Even though most of the companies surveyed are already using IAM, data loss prevention, data classification and privileged account management products, more than half claimed these were not adequate for protecting cloud environments," says Shai Morag, CEO of Ermetic. "In fact, two thirds cited cloud native capabilities for authorization and permission management, and security configuration as either a high or an essential priority."

Among other findings are that the top three cloud security priorities are compliance monitoring (78 percent), authorization and permission management (75 percent), and security configuration management (73 percent).

For cloud access security top priorities are maintaining confidentiality of sensitive data (67 percent), regulatory compliance (61 percent) and providing the right level of access (53 percent). While the top challenges for cloud access security are insufficient personnel/expertise (66 percent), integrating disparate security solutions (52 percent) and lack of solutions that can meet their needs (39 percent).

The full report is available from the Ermetic site.

Image Credit: Brian A Jackson / Shutterstock