Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Small Percentage of Employees Responsible for Most Cloud Security Risk: Report

A report released on Wednesday by CloudLock reveals that one percent of employees in an enterprise are responsible for 75 percent of risk associated with cloud security.

A report released on Wednesday by CloudLock reveals that one percent of employees in an enterprise are responsible for 75 percent of risk associated with cloud security.

The cloud security company’s report is based on the analysis of 10 million users, 1 billion files, and more than 91,000 applications across 1,800 organizations. CloudLock has calculated cloud cybersecurity risk based on users’ volume of usage, corporate security policy violations, and potentially risky behavior.

Using the cloud can help an organization significantly increase productivity because cloud solutions allow employees to easily create, access and distribute information. However, the cloud can also make a company more vulnerable to both external cyberattacks and unintentional data exposure.

Experts have determined that the top one percent of users in an organization are responsible for 57 percent of file ownership, 81 percent of file shares, 73 percent of excessively exposed files, and 62 percent of application installations. CloudLock has warned that security teams must keep a close eye on this small group of employees, which often includes users with super privileges, software architects, and automated accounts responsible for access privileges and data archiving.

CloudLock has found that the top 5 percent of users in an organization are responsible for 81 percent of digital assets, which makes this user group a tempting target for malicious actors. Overall, 90 percent of risk is attributed to these top 5 percent users.

In one case study described by CloudLock, a company in the travel sector was able to decrease risk by 62 percent in just one day after reaching out to its top users.

CloudLock has identified similar trends when it comes to sharing and collaboration. On average, organizations collaborate with 865 external parties, 25 of which account for 75 percent of cloud-based sharing. Worryingly, 70 percent of this sharing involves non-corporate email accounts that cannot be properly monitored by security teams.

In one case described in the report, a federal institution with over 5 million documents and 20,000 users discovered that its users were sharing files with 7,000 other organizations and domains. Only less than 30 percent of these entities were sanctioned federal institutions.

As far as apps are concerned, since the top one percent of users is responsible for 62 percent of cloud application installations, this small user base introduces a high volume of risk, CloudLock said. Furthermore, 52,000 app installations have been attributed to highly privileged users, which significantly increases risk considering that such accounts are highly targeted in cyberattacks.

“Cyber attacks today target your users — not your infrastructure. As technology leaders wake up to this new reality, security programs are being reengineered to focus where true risk lies: with the user,” CloudLock CEO and co-founder Gil Zimmermann commented on the study. “The best defense is to know what typical user behavior looks like — and, more importantly, what it doesn’t.”

CloudLock’s complete Cloud Cybersecurity Report for Q3 2015 is available for download in PDF format.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cloud Security

Orca Security published details on four server-side request forgery (SSRF) vulnerabilities impacting different Azure services.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cloud Security

Cloud Disaster Recovery - Ingredients for a Recipe that Saves Money and Offers a Safe, More Secure Situation with Greater Accessibility