The fast pace of cloud transformation and democratization of data has created a new innovation attack surface, leading to 3 in 4 organizations experiencing a cloud data breach in 2022 and the overwhelming majority (68%) of data security professionals naming shadow data as the No.1 concern of protecting cloud data. The State of Public Cloud Data Security Report 2023, released by Laminar, reveals that concern over shadow data has increased to a whopping 93% compared to 82 percent the year before. This finding indicates a need for security teams to evolve processes and technologies to autonomously discover, classify, protect, and remediate sensitive cloud data stores, wherever they are located.
Trends Creating A New Threat Vector – The Innovation Attack Surface
Organizations accelerated the pace of transformation during the pandemic. Now they’re staying the course to maintain market competitiveness. In addition, organizations democratized data – making it easy for approved users to access cloud data and create analytics for decision making or operational processes. This trend has introduced new gaps into organizational systems and processes and created the “innovation attack surface” — a new threat vector that most organizations unconsciously have accepted as the cost of doing business.
The innovation attack surface is the continuous, unintentional risk cloud data users, such as data scientists and developers, take when using data to drive innovation. Unlike other attack surfaces determined by external forces such as ransomware, malware or malicious internal actors, the innovation attack surface has resulted from the massive, decentralized unintentional risk created by an organization’s data innovators.
Other trends that have allowed the innovation attack to surface include organizations’ increasing adoption of varied cloud data storage technologies; the proliferation of data (including shadow data) across hybrid, multi-cloud infrastructures; the death of the traditional network perimeter; faster software releases; and the changing role of security. Security teams are charged with protecting data without hindering innovation, but may lack the bandwidth to keep up with cloud service technologies that would improve their ability to execute.
Shadow Data a Growing Concern for 93% of Respondents
While security teams are confident that they have complete visibility into new public cloud data repositories, 93% are concerned about shadow data, up 11% from the year before, and 68% of respondents say it is the greatest challenge in protecting cloud data. Shadow, or unknown, unmanaged data is growing as users now can proliferate data in just a few clicks. Shadow data can occur when copied data lives on in test environments, data gets mis-placed in storage buckets, legacy data isn’t deleted after a cloud migration, data logs become toxic, and orphaned backups are left stale. Laminar Labs has validated this growing concern with our own research that 21% of publicly facing cloud storage buckets have personally identifiable information (PII) exposed and how utilizing versioning in cloud environments can cause shadow data.
Organizational Commitment to Data and Cloud Security Increasing
The good news is that organizations’ commitment to evolving their security programs is growing. Nearly all (92%) of respondents say the uptick in cloud breaches has increased executive and board-level buy-in for best-of-breed security platforms, up from 50% a year earlier. In addition, 66% of organizations have increased security budgets by 41% or more in the past year.
As a result, 97% of security professional respondents report their organization has a dedicated data security team, up from 58% in 2022.
DSPM a New Approach to Securing Data
However, nearly a third (29%) of respondents are only somewhat or not very confident that their existing on-premises security solutions can meet the challenges of improving cloud data security, up from 24% in 2022.
Data security posture management (DSPM) equips security teams with “transformational” capabilities, according to Gartner. DSPM “provides visibility into where sensitive data is, who has access to that data, how it has been used and what the security posture of the data store or application is,” states Gartner. In our survey, 92% of respondents had heard about DSPM and identified 12 different capabilities they’d require from such a solution.
What Security Professionals Seek from Cloud-Native Data Security Solutions
A full 95% of respondents believe that cloud environments are different enough (than on-premises) to require unique security solutions. Given their concerns about on-premises solutions, more security professionals are considering deploying cloud-native security platforms to improve sensitive data protection.
71% said cloud-native security solutions should provide autonomous scanning
63% want to deploy a dynamic, performant platform
54% say such a solution should offer asynchronous operations
53% would like the platform to provide an agentless architecture
A best-of-breed cloud-native security platform should provide autonomous discovery and classification of all data across AWS, Azure, GCP, and Snowflake; inventory data into a single cloud data catalog; and prioritize alerts using an innovative risk-scoring model.