As recent news discusses how security breaches are now costing consumers, a new report has revealed how SaaS (Software as a Service) misconfigured-related incidents have caused 43% of security incidents within businesses.
The report was conducted by SaaS provider and maintenance service, Adaptive Shield. They questioned 340 enterprises across the globe about their security to assess the impact of SaaS on security.
They found that up to 63% of businesses have had a SaaS misconfiguration lead to a security incident in the past year. According to Google Trends, this is in line with online searches for ‘cybersecurity support’ almost tripling in the last year alone.
This is in comparison to another report that found IaaS (Infrastructure as a Service) was responsible for 17% of instances due to malfunctions.
The causes behind these security incidents were also found within The report found that the leading cause is a lack of visibility and too many departments with access, which are security breaches.
Figures also showed that investment in business-critical SaaS applications is outpacing SaaS security tools and staff. However, Adaptive Shield’s report highlighted that manually detecting and remediating SaaS misconfigurations exposes organisations.
- 46% can only check once a month or less, whilst 5% can’t check at all
- 56% did report that a lack of visibility into 3rd party application access is their top concern
- This was closely followed by a lack of visibility into the overall SaaS security settings
Other reasons included:
- Lack of visibility into 3rd Party application access to the core SaaS stack – 56%
- Lack of visibility into SaaS security settings – 54%
- Lack of SaaS security knowledge – 41%
- Inability to remediate SaaS security misconfigurations – 38%
- Lack of automation or tooling for SaaS security – 35%
- Insufficient amount of SaaS security staff – 32%
The spokesperson for Adaptive Shield said: “Cybersecurity within businesses is more important than ever, and yet it still seems to be a preventable issue for most.
“Whilst it isn’t always an option for people to have the latest SaaS implemented into their business’s operations, taking simple steps to protect sensitive information can lessen the chances of a breach.
We also highly recommend regular maintenance and checks on configurations to ensure these types of issues are minimised.”