Malware-delivering cloud apps almost tripled in 2022

A skull symbol within computer code.

More than 400 distinct cloud applications delivered malware in 2022, nearly triple the amount seen in the prior year, according to research conducted by Netskope, a specialist in Secure Access Service Edge (SASE).

The company's researchers also found that 30% of all cloud malware downloads in 2022 originated from Microsoft OneDrive.

Cloud apps are widely used by businesses, a fact not lost on attackers, which view these apps as an ideal home for hosting malware and...

10 January 2023 | Applications

Views from the field: Shifting left in enterprise cloud security  

A field on a sunny day.

Stuart Green, cloud security architect at Check Point Software, explains how businesses can mitigate cybersecurity risks.  

As of 2022, 94% of enterprises use cloud services. Confidence in the cloud has grown over the last 12 to 18 months, with 35% of organizations having more than 50% of their workloads in the cloud. While businesses are quick to deploy cloud solutions at scale, we’re not seeing the same rapid adoption of preventative cybersecurity measures to keep this...

3 January 2023 | Security

90% of global enterprises are adopting zero trust

Scrabble tiles spelling 'trust'

Cloud security firm Zscaler has found that more than 90% of IT leaders, who have started their migration to the cloud have implemented, are implementing, or are planning to implement a zero trust security architecture.

Supporting the mass migration to zero trust to secure users and the cloud, more than two thirds (68%) believe that secure cloud transformation is impossible with legacy network security infrastructures or that ZTNA has clear advantages over traditional firewalls...

13 December 2022 | Cloud Computing

Oliver Paterson, VIPRE: On email security in the era of hybrid working

With remote working the future for so many global workforces – or at least some kind of hybrid arrangement – is there an impact on email security we are all missing? Oliver Paterson, director of product management at VIPRE Security, believes so.

“The timeframe that people expect now for you to reply to things is shortened massively,” says Paterson. “This puts additional stress and pressure on individuals, which can then also lead to further mistakes. [Employees] are not...

1 December 2022 | Enterprise

James Todd, KPMG: On automation and machine learning as the future of security 

James Todd, SecOps director at KPMG, describes his role as a merging of SecOps, security architecture, and cloud security. It is a particularly interesting crossing point with regard to automation. 

“It’s at that intersection of the cloud environment, being very much aligned to deploying everything as code,” says Todd. “A lot of automation is a big part of that. Being able to take dynamic action within a cloud environment is much easier and well-versed than within a...

29 November 2022 | Cloud Computing

Organisations increasing modern data protection for cloud to reduce security risks

Veeam Software, a specialist in modern data protection, has released the findings of the company’s Cloud Protection Trends Report 2023, covering four key 'as a Service' scenarios: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), and Backup and Disaster Recovery as a Service (BaaS/DRaaS).

The survey found that companies are recognizing the increasing need to protect their SaaS environments. For example, nearly 90% of Microsoft® 365...

10 November 2022 | Cloud Computing

Next generation of phishing attacks uses unexpected delivery methods to steal data

A man fishing at a lake.

Netskope, a specialist in secure access service edge (SASE), has unveiled new research that shows how the prevalence of cloud applications is changing the way threat actors are using phishing attack delivery methods to steal data. 

The Netskope Cloud and Threat Report: Phishing details trends in phishing delivery methods such as fake login pages and fake third-party cloud applications designed to mimic legitimate apps, the targets of phishing attacks, where the fraudulent content...

3 November 2022 | Applications

86% of cloud attacks in healthcare sector lead to financial losses or other damage

A surgical team in an operating theatre.

61% of companies in the healthcare industry suffered a cyberattack on their cloud infrastructure within the last 12 months, compared to 53% for other verticals.

This is according to the 2022 Cloud Security Report by cybersecurity vendor Netwrix. Phishing was the most common type of attack reported, followed by ransomware or other malware attacks, and targeted attacks on cloud infrastructure.

Dirk Schrader, VP of security research at Netwrix, said: “The healthcare...

3 November 2022 | Healthcare

Over and out: why expired machine identities represent a growing business risk

A 'way out' sign.

Kevin Bocek, VP of security strategy and threat intelligence, Venafi, explains how cloud complexity and multicloud is increasing the number of outages.

Spotify users recently experienced an event that is becoming all-too familiar to digital consumers. They were left unable to listen to their favourite podcasts for hours after an TLS certificate at the streaming giant expired. Although certificates, or 'machine identities', like these are intended to provide a backbone of trust...

24 October 2022 | Cloud Computing

81% of companies had a cloud security incident in the last year

A security camera.

As many as 81% of organisations have experienced a cloud-related security incident over the last 12 months, with almost half (45%) suffering at least four incidents.

This is according to a study by Venafi, a provider of machine identity management, which has evaluated the complexity of cloud environments and its impact on cybersecurity.

The underlying issue for these security incidents is the dramatic increase in security and operational complexity connected with cloud...

3 October 2022 | Research