Cloud

1/23/2018
11:50 AM
50%
50%

45% of Businesses Say Employees Are Biggest Security Risk

The most common cloud security worries remain the same, with unauthorized access and malware infiltrations topping concerns.

Despite facing mostly external attacks, nearly half (45%) of businesses believe their greatest security risk comes from their own employees, according to the 2018 Netwrix Cloud Security Report. The blame falls more heavily on IT staff (39%) and businesses users (33%) as much as, or more than, it does on cloud providers (33%).

Common cloud security concerns are the same across respondents, which represent 853 organizations. The greatest is risk of unauthorized access (69%), risk of malware infiltrations (50%), and the inability to monitor activity of employees in the cloud (39%).

Cloud security will continue to be an issue as most businesses plan to move more data to the cloud and begin storing sensitive data in cloud environments. The bulk of this will be customer (50%), employee (45%), and financial (37%) data. Part of the problem will be getting executives on board: only 66% of respondents have upper-level support for cloud security projects.

Read more details here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
1/23/2018 | 2:25:16 PM
No Brainer here
One user in the state of North Carolina - just ONE DAMMIT - clicked on an infected PDF file and brought the state down to Ransomware.  No kidding????  
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11771
PUBLISHED: 2018-08-16
When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite stream,...
CVE-2018-1715
PUBLISHED: 2018-08-16
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 14700...
CVE-2017-13106
PUBLISHED: 2018-08-15
Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient, 5.0.3, 2017-09-19, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
CVE-2017-13107
PUBLISHED: 2018-08-15
Live.me - live stream video chat, 3.7.20, 2017-11-06, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
CVE-2017-13108
PUBLISHED: 2018-08-15
DFNDR Security Antivirus, Anti-hacking & Cleaner, 5.0.9, 2017-11-01, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.