Enterprises are spending nearly $1,200 a year per employee to address the risk that cloud-based workforce collaboration apps bring to their business.
It's a well-known reality at this point that with corporate workers more dispersed than ever due to the changing work patterns introduced during the pandemic, enterprises are increasingly relying on new Web-based tools beyond email. These include cloud-based messaging, storage, shared workplaces, customer relationship management (CRM), and other apps and services.
The problem is, these tools also have widely expanded the attack surface for threat actors and increased exposure of corporate assets to the internet. Cybercriminals have quickly recognized the opportunity to exploit this reality — helped along by the fact that many of these apps are largely unproven, security-wise, according to a white paper published Nov. 22 by Osterman Research and sponsored by Perception Point.
"Threat actors have responded quickly to the emergence of new channels for employee productivity and collaboration," the researchers wrote.
Specifically, organizations are now paying $1,197 per employee each year to address successful cyber incidents across email services, cloud collaboration apps or services, and Web browsers — meaning a 500-employee company spends, on average, $600,000 on an annual basis, the researchers found. This cost excludes compliance fines, ransomware mitigation costs, and business losses from non-operational processes, they said.
Researchers ran a survey of 250 security and IT decision-makers to parse this surge in malicious incidents against these new services, and found that 60% of the attack attempts arrive via email — which remains the most widely attacked enterprise service, the researchers found.
Moreover some attacks — such as those involving malware installed on an endpoint — are occurring with even more frequency, up 87%.
The situation is only likely to get worse, with more than 70% of respondents believing the frequency of security threats will remain the same or increase over the next two years, the researchers said. This outlook is due to the time organizations need time to respond to the rapid rate of expansion in the use of these apps and adjust their new security posture accordingly, they acknowledged.
Too Many Cloud Collaboration Apps?
On average, organizations surveyed said they use about six various apps and services for communication and collaboration across their workforce.
Among the most popular apps being used for workforce collaboration now include messaging apps such as Microsoft Teams, Slack, or WhatsApp; cloud storage and collaboration apps such as Google Drive, OneDrive, SharePoint, or Box; shared workspaces such as Microsoft Teams, Google Workspace, or Huddle; enterprise social networks such as Facebook Workplace, Jive, or Microsoft Yammer; CRM tools such as Salesforce, HubSpot, Zendesk, or Microsoft Dynamics CRM; cloud storage services such as AWS S3 buckets or Microsoft Blob Storage; and online meeting tools such as Zoom, WebEx, or Microsoft Teams meetings.
Moreover, employees also use a host of unsanctioned communication and cloud collaboration apps, such as personal Dropbox storage accounts or personal Zoom accounts, which also put the enterprise at risk.
There have been recent security incidents that highlight the vulnerability of these apps and why enterprises should be paying close attention. Researchers from Varonis Threat Labs, for instance, recently found multiple security vulnerabilities — including a nasty SQL injection bug — in Zendesk's Web-based CRM platform that could have allowed attackers to access sensitive information from potentially any customer account.
Meanwhile, legions of databases — and, thus, customers' personally identifiable information (PII) — are being inadvertently exposed to the Internet monthly through a feature of Amazon Relational Database Service, a popular cloud-based data-backup service offered by Amazon Web Services, according to recent research from the Mitiga Research Team.
Both of these incidents demonstrate the security weaknesses lurking in the cloud-based apps that are becoming the backbone of enterprise workforce collaboration, with 19% of respondents acknowledging that they use as many as nine of these tools, significantly increasing their attack surface, the researchers said.
"Using such a wide range of tools increases the amount of vectors which attackers can target," they wrote.
Not only are there more attacks against these apps and services but they're also increasing in sophistication, the researchers found. A full 72% of respondents indicated that attacks against cloud storage services have grown more sophisticated over the past year, and 57% said the same about attacks against email.
"This trend is especially concerning given the rapid rate of adoption of new cloud-based apps and services," the researchers noted.
How to Respond
The situation clearly demands a response from enterprises, which have a number of options for how they can address and minimize their risk of attack against these various apps and services, the researchers said.
However, it will take some effort on their part, including an updating of traditional security postures, noted Michael Sampson, senior analyst at Osterman Research
"Organizations cannot afford — financially or reputationally — to rely on outdated approaches," he said in a press statement. "Our survey demonstrates the clear need for agile and holistic threat prevention solutions."
Enterprises are already on the case, according to the report. Some ways organizations said they will try to mitigate the situation in the coming year include deploying at least one new security tool to combat threats, with 69% of respondents saying they plan to deploy three or more.
Enterprises also should be consolidating their security stack for more holistic and efficient threat protection, as well as leveraging managed services to support their security teams with scalable and flexible incident response capabilities, the researchers advised.
"Fast, holistic, and accurate threat prevention across all channels is singularly important in an era of increasingly frequent and sophisticated cyber incidents," they wrote.