Cloud and mobile deployments are the weakest links

April 2019 Cyber Security

Check Point Software has published the third instalment of its 2019 Security Report. It highlights how threat actors are increasingly targeting the weakest, least protected points in an organisation’s IT infrastructure – their public cloud and mobile deployments. 

The third instalment of the 2019 Security Report reveals the key cyberattack trends used by criminals to target enterprise cloud and mobile estates during 2018. It also reveals enterprise IT and security teams’ key security concerns about these deployments. Highlights of the third instalment include:

• 18% of organisations globally had a cloud security incident in the past year: the most common incident types were data leaks / breaches, account hijacks, and malware infections.

• The top four public cloud security threats: IT professionals rated misconfiguration of cloud platforms, leading to data loss or breaches as the biggest threat, cited by 62%; followed by unauthorised access to cloud resources (55%); insecure interfaces and APIs (50%); hijacking of accounts or data traffic (47%).

• 30% of IT professionals still consider security is the responsibility of the cloud service provider: this worrying finding negates recommendations that cloud security should follow the mutual responsibility model, in which security is shared by both the cloud provider and the customer.

• 59% of IT professionals do not use mobile threat defences: a majority of organisations have not deployed mobile security solutions capable of detecting leading threats including mobile malware, fake or malicious apps, man-in-the-middle attacks and system vulnerabilities.

• Only 9% of IT professionals consider threats on mobile a significant security risk: yet malware can propagate from unprotected mobile devices to organisations’ cloud- or on-premise networks, exploiting this weak link in enterprise security defences.

“The third instalment of our 2019 Security Report shows just how vulnerable organisations are to attacks targeting their cloud and mobile estates, because there is a lack of awareness of the threats they face and how to mitigate them. Nearly 20% of organisations have experienced a cloud incident in the past year, it’s clear that

criminals are looking to exploit these security gaps,” said Zohar Alon, head of cloud product line, Check Point Software Technologies. “By reviewing and highlighting these developments in the report, organisations can get a better understanding of the threats they face, and how they prevent them impacting on their business.”

For full report go to: https://research.checkpoint.com/vol-3-2019-security-report/


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The enemy within – insider ­security threats
May 2019, Wolfpack Information Risk , Editor's Choice, Cyber Security, Financial (Industry)
Insider threats in today’s financial world are insidious and destructive and your defence against insiders should start long before the person assumes his/her position.

Read more...
LoJax: Be very careful
May 2019 , Cyber Security
Even replacing drives won’t kill this malware, which is still active more than nine months after researchers from Arbor Networks detailed it.

Read more...
Assessing impacts: The meteors of security and AI
May 2019 , Cyber Security
As security threats evolve and artificial intelligence pervades, what impact are they set to have on business over the next year?

Read more...
Visibility is key, and lacking
May 2019 , Editor's Choice, Cyber Security
Cybercriminals are most likely to be caught on servers and networks, but detecting their time and point of entry remains a mystery.

Read more...
The benefits of machine learning and UEBA
May 2019 , Cyber Security
Combining accurate and essential user behavioural data with machine learning allows you to more accurately monitor your users on an endpoint-by-endpoint basis.

Read more...
Insiders: who are they?
May 2019 , Security Services & Risk Management, Cyber Security
The 2018 Insider Threat Report by Cybersecurity Insiders reports that more than 51% of companies are concerned about unintentional insider attacks.

Read more...
Securing the Industrial Internet of Things
May 2019, Axiz , Cyber Security, IT infrastructure, Industrial (Industry)
The very benefits that makes the IIoT so compelling, makes it equally capable of damaging infrastructure operations and processes through bad actors.

Read more...
Hybrid cloud and hyper-converged data protection
May 2019 , IT infrastructure, Cyber Security
Arcserve Unified Data Protection extends disaster recovery and backup technologies to prevent downtime and data loss for hyper-converged and SaaS-based workloads.

Read more...
Vivotek strengthens cybersecurity
May 2019 , CCTV, Surveillance & Remote Monitoring, Cyber Security
Vivotek has announced the availability of comprehensive protection in its Cybersecurity Management Solution under the strategy of its 'Security within Security' campaign.

Read more...
Scammers target job seekers
May 2019 , Cyber Security
Kaspersky Lab experts detected a blast of sophisticated spam emails in the first quarter of 2019, featuring fake job-offers that seemed to come from HR recruiters in large corporations.

Read more...