Cloud resources, the preferred targets for cyber attacks

The fight in the cyberspace between authorities and hackers is getting more complicated. Cloud resources have become the preferred targets for cyber attacks, with SaaS applications (31%), cloud storage (30%) and cloud management infrastructure (26%) being the most hunted, according to the Thales Cloud Security 2024 study. According to the company : "As the use of the cloud continues to be strategically vital for many organizations, cloud resources have become preferred targets for cyber attacks, with the most hunted being SaaS applications (31%), cloud storage (30%) and cloud management infrastructure (26%) As a result, protection measures have become a priority". According to the source cited, 44% of organizations have experienced a data security breach in the cloud, and 14% have reported an incident in the past 12 months. Human error and misconfiguration continued to be the leading causes of these breaches (31%), followed by exploiting known vulnerabilities (28%) and not using multi-factor authentication (17%). The study also indicates that the increasingly frequent use of the cloud in the organizational environment has led to an increase in the potential area of attack, considering that 66% of companies use more than 25 SaaS applications and almost half (47%) of corporate data are sensitive. Despite the increased security risks of critical data in the cloud, very few companies protect their data through encryption - less than 10% of organizations encrypt 80% or more of their sensitive data stored in the cloud. Sebastien Cano, senior vice president "Cloud Protection and Licensing activities" at Thales said: "The scalability and flexibility that the cloud offers are extremely attractive to organizations, so it is no wonder that they are essential to their security strategies However, as the attack surface on the cloud expands, organizations need to manage well the data they store in the cloud, the keys they use to encrypt it, and the ability to have full visibility into people accessing the data and how it is used. It is vital to address these challenges, especially as data sovereignty and privacy emerged as key concerns in this year's research." The study is the company's annual assessment of the latest cloud security threats, trends and emerging risks and was based on a global survey of 2,961 security and IT management professionals. In addition to the criteria regarding the level of knowledge regarding the general topic of the survey, respondents who indicated affiliation with organizations with annual revenues of less than 100 million dollars, but also with revenues between 100 and 250 million dollars, were excluded from the study. dollars, in selected countries.