About half (49%) of businesses believe cloud apps make them a target for cyber-attacks, according to the 2019 Thales Access Management Index.
Covering 1,050 IT decision makers worldwide, the survey shows that cloud applications are listed in the top three reasons an organisation might be attacked, just behind unprotected infrastructure such as IoT devices (54%) and web portals (50%).
With cloud applications now a crucial part of day-to-day business operations, 97% of IT leaders believe that cloud access management is necessary to continue their cloud adoption.
However, despite four in 10 (38%) organisations appointing a CISO due to concerns over data breaches in the past 12 months, only one in 10 (14%) are given the final decision on cloud access management.
“Trusted access to the cloud is key to our customers’ digital transformation, but without adequate investment in a dedicated CISO office, organisations will lack the leadership required to implement the correct security strategy or solutions to keep them secure in the cloud,” said Rana Gupta, APAC VP for cloud protection and licensing activity at Thales.
The growing awareness of consumer data breaches has led to organisations taking action, with almost all (94%) having changed their security policies around access management in the last 12 months.
Even then, 95% believe ineffective cloud access management is still a concern for their organisation.
Gupta said that while organisations are getting to grips with access management solutions, IT and business decision makers must ensure they understand the risks to their cloud solutions in order to implement the relevant ones.
“These solutions must be perimeter-free, compatible with a zero-trust model and flexible and adaptive in order to make the most of the latest technologies such as Smart SSO,” he said. “Without effective access management tools in place organisations face a higher risk of breaches, a lack of visibility and incur extra costs from poorly optimised cloud.”