Cloud

1/23/2018
11:50 AM
50%
50%

45% of Businesses Say Employees Are Biggest Security Risk

The most common cloud security worries remain the same, with unauthorized access and malware infiltrations topping concerns.

Despite facing mostly external attacks, nearly half (45%) of businesses believe their greatest security risk comes from their own employees, according to the 2018 Netwrix Cloud Security Report. The blame falls more heavily on IT staff (39%) and businesses users (33%) as much as, or more than, it does on cloud providers (33%).

Common cloud security concerns are the same across respondents, which represent 853 organizations. The greatest is risk of unauthorized access (69%), risk of malware infiltrations (50%), and the inability to monitor activity of employees in the cloud (39%).

Cloud security will continue to be an issue as most businesses plan to move more data to the cloud and begin storing sensitive data in cloud environments. The bulk of this will be customer (50%), employee (45%), and financial (37%) data. Part of the problem will be getting executives on board: only 66% of respondents have upper-level support for cloud security projects.

Read more details here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
1/23/2018 | 2:25:16 PM
No Brainer here
One user in the state of North Carolina - just ONE DAMMIT - clicked on an infected PDF file and brought the state down to Ransomware.  No kidding????  
Weaponizing IPv6 to Bypass IPv4 Security
John Anderson, Principal Security Consultant, Trustwave Spiderlabs,  6/12/2018
'Shift Left' & the Connected Car
Rohit Sethi, COO of Security Compass,  6/12/2018
Microsoft Fixes 11 Critical, 39 Important Vulns
Kelly Sheridan, Staff Editor, Dark Reading,  6/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-1060
PUBLISHED: 2018-06-18
python before versions 2.7.15, 3.4.9, 3.5.6 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
CVE-2018-1090
PUBLISHED: 2018-06-18
In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets.
CVE-2018-1152
PUBLISHED: 2018-06-18
libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.
CVE-2018-1153
PUBLISHED: 2018-06-18
Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests which allows a man in the middle to modify or view traffic.
CVE-2018-12530
PUBLISHED: 2018-06-18
An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF.