SOURCE: CloudLock

CloudLock

August 26, 2015 06:00 ET

CloudLock's Q3 Cybersecurity Report Reveals That 1 Percent of Employees Represent 75 Percent of Security Risk in the Cloud

CloudLock's CyberLab Highlights Risk in a Small Number of Users, Apps and the Cloud Value Chain

WALTHAM, MA--(Marketwired - Aug 26, 2015) - The CloudLock CyberLab, CloudLock's security intelligence arm, today released its Q3 Cloud Cybersecurity Report: The 1% Who Can Take Down Your Organization. Based on analysis across 10 million users, 1 billion files, and over 91,000 applications, the report focuses on the riskiest element in the cloud: user behavior.

1 Percent of Users Represent 75 Percent of Risk
Cloud cybersecurity risk is highly concentrated, with 1 percent of users responsible for 75 percent of risk. Consider the instance of a user publicly exposing files containing clear text passwords -- a phenomena that occurs 4,000 times on average per organization, based on CloudLock research. Understanding the composition of this 1 percent of users is crucial for security teams: often times, this subset of users includes super-privileged users, software architects, as well as machine-based identities (i.e., applications with programmatic access) that grant access privileges and archive data.

70 Percent of File Sharing With Non-Corporate Identities
The disproportionate nature of cybersecurity risk extends to cloud-based collaboration. While organizations on average collaborate with 865 external parties, just 25 of these account for 75 percent of cloud-based sharing per organization. Unexpectedly, 70 percent of external file sharing occurs with non-corporate email addresses security teams have little control over.

52,000 Instances of Risky Cloud App Installs
Many cloud applications support integration with third-party applications, outside the network and undetectable via traditional security tools, such as proxy- or gateway-based solutions. These apps are frequently targeted by cybercriminals as entry points to organizations. CloudLock research reveals that 52,000 instances of applications are installed by highly privileged users -- a number that should be zero given privileged accounts are highly coveted by malicious cybercriminals.

Reduce Risk by Involving Active Users
By involving the most active users in the security process, organizations can rapidly mitigate the majority of cybersecurity risk. One CloudLock client decreased public exposures by 62 percent in just one day by doing so.

"Cyber attacks today target your users -- not your infrastructure. As technology leaders wake up to this new reality, security programs are being reengineered to focus where true risk lies: with the user," says CloudLock CEO and co-founder Gil Zimmermann. "The best defense is to know what typical user behavior looks like -- and, more importantly, what it doesn't."

To download the Cloud Cybersecurity Report, please visit: The 1% Who Can Take Down Your Organization.

About CloudLock's CyberLab
CloudLock is the only security vendor uniquely combining U.S. and Israeli Military Intelligence with real-time, crowdsourced cloud security insight. CloudLock continuously monitors over one billion files daily across more than 10 million users. Security professionals feed into CloudLock's unique security insight through peer-driven, crowdsourced Community Trust Ratings™. This intelligence allows organizations to immediately respond to emerging cloud cyber threats and risky apps.  

About CloudLock
CloudLock is the leading cybersecurity-as-a-service and cloud access security broker (CASB) provider, offering a cloud security fabric that enables enterprises to protect their data in the cloud, reduce risk, achieve compliance, manage threats and increase productivity. Learn more at cloudlock.com.

Contact Information