SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Australian firms express concern over insufficient cloud security
Thu, 23rd Nov 2023

New research conducted by Illumio, a Zero Trust Segmentation company, has revealed that a concerning 60% of Australian security workers believe that the state of cloud security is currently insufficient, posing a high risk to their businesses. The research also found that the average cloud breach cost Australian businesses near AUD $4.9M.

The study was carried out by independent research firm Vanson Bourne, and involved a comprehensive survey of 1,600 global IT and security decision-makers, including 200 respondents from Australia. It sought to probe the state of cloud security within Australia, the impact of cloud breaches, and reasons why traditional cloud security technologies could be failing to adequately protect local businesses.

Key findings from the study indicate that nearly half (47%) of all data breaches in Australia in the past year originated from the cloud, reinforcing the belief of 6 in 10 respondents that cloud security was falling short and significantly endangering their businesses. While cloud breaches cost businesses millions of dollars each year, roughly AUD $4.9M on average, shockingly 50% of businesses are operating under the assumption that breaches are not unavoidable.

Furthermore, the research uncovered the critical importance of Zero Trust Segmentation (ZTS) in ensuring cloud resilience. A staggering 98% of local respondents expressed their agreement that ZTS is a crucial component of any cloud security strategy as it enhances digital trust (60%) and ensures business continuity (62%), while also strengthening cyber resilience (60%).

An overwhelming 96% of Australian organisations are storing their most sensitive data—including financial details, business intelligence, and personally identifiable information (PII)—on the cloud. However, over 90% of surveyed have concerns that unnecessary or unauthorized connections between cloud services are heightening the likelihood of a data breach. Workloads and data overlapping traditional boundaries (45%), a lack of understanding of responsibilities between cloud providers and vendors (45%), a lack of visibility across multi-cloud deployments (38%), social engineering attacks (34%), and rising malware and ransomware attacks (33%) were identified as the primary threats to cloud security.

The majority of Australian respondents firmly believe their current approach to cloud security is resulting in severe risks. 95% expressed the need for improved visibility of connectivity with third-party software, and a similarly high percentage (95%) noted that this lack of visibility is impacting their ability to react swiftly to cloud breaches. The most pressing fears among local respondents concerning a cloud breach include reputational damage and loss of public trust (39%), loss of sensitive data (36%), and loss of revenue-generating services (35%).

John Kindervag, Chief Evangelist at Illumio, emphasised that due to the dynamic and interconnected nature of cloud environments, they are "increasingly challenging for security teams to navigate with legacy solutions". He added that businesses require contemporary security solutions that offer real-time visibility and containment by default to mitigate risks and optimise opportunities provided by the cloud. "I'm optimistic that nearly every security team is prioritising improving cloud security in the months ahead, and that they see solutions like ZTS as an essential piece of their Zero Trust journey," said Kindervag.