Cloud services are continuing to grow and gain strength in manufacturing, but that adds one more layer of security coverage everyone has to think about.
That is because IT and security professionals expect cloud services to multiply the likelihood and economic impact of data breaches as continue that growth pattern. In addition, security professionals they remain unsure about the scope of usage and responsibility for securing cloud services, according to research by Netskope.
The report draws upon Ponemon Institute’s May 2014 Cost of a Data Breach study that established a cost of $201.18 per lost or stolen customer record. For a data breach involving 100,000 or more customer records the cost would come to just over $20 million.
Survey respondents had to estimate the current probability of a data breach of that magnitude and then how increasing the use of cloud services would change that probability. The report states that this multiplies the probability of a data breach by as much as three times.
“With a $201 price tag for every record lost, the cost of a data breach of just 100,000 records is $20 million. Imagine then if the probability of that data breach were to triple simply because you increased your use of the cloud. That’s what enterprise IT folks are coming to grips with and they’ve started to recognize the need to align their security programs to account for it,” said Sanjay Beri, chief executive and found of Netskope.
“The report shows that while there are many enterprise-ready apps available today, the uncertainty from risky apps is stealing the show for IT and security professionals. Rewriting this story requires contextual knowledge about how these apps are being used and an effective way of mitigating risk,” Beri said.
“We’ve been tracking the cost of a data breach for years but have never had the opportunity to look at the potential risks and economic impact that might come from cloud in particular,” said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. “It’s fascinating that the perceived risk and economic impact is so high when it comes to cloud app usage.”
Across the board, respondents believe their high-value IP and customer data are less secure when the use of cloud services increases. Respondents said they believe there is a lack of due diligence in the implementation and monitoring of security programs within companies and have uncertainty about cloud service provider security practices, while recognizing there are unknown cloud services in a network.
This all leads to the general perception there is a probability of a data breach increasing in today’s IT environment.
• Respondents estimate every 1 percent increase in the use of cloud services will result in a 3 percent higher probability of a data breach. This means that an organization using 100 cloud services would only need to add 25 more to increase the likelihood of a data breach by 75 percent.
• More than two-thirds (69 percent) of respondents believe their organization is not proactive in assessing information that is too sensitive to store in the cloud.
• 62 percent of respondents believe the cloud services in use by their organization do undergo a thorough investigation for security prior to deployment.
• Almost three-quarters (72 percent) of respondents believe their cloud service provider would not notify them immediately if they had a data breach involving the loss or theft of their intellectual property or business confidential information, and 71 percent believe they would not receive immediate notification following a breach involving the loss or theft of customer data.
• Respondents believe 45 percent of all software applications used by organizations are in the cloud, but exactly half (22.5 percent) of these applications are not visible to IT.
• Respondents estimate that 36 percent of business critical apps are in the cloud, yet IT lacks visibility into nearly half of them.