Check Point Software Technologies has published the third instalment of its 2019 Security Report. It highlights how threat actors are increasingly targeting the weakest, least protected points in an organisation’s IT infrastructure – their public cloud and mobile deployments.
The third instalment of the 2019 Security Report reveals the key cyber-attack trends used by criminals to target enterprise cloud and mobile estates during 2018. It also reveals enterprise IT and security teams’ key security concerns about these deployments. Highlights of the third instalment include:
- 18 per cent of organisations globally had a cloud security incident in the past year: the most common incident types were data leaks / breaches, account hijacks, and malware infections
- The top four public cloud security threats: IT professionals rated misconfiguration of cloud platforms, leading to data loss or breaches as the biggest threat, cited by 62 per cent; followed by unauthorised access to cloud resources (55 per cent); insecure interfaces and APIs (50 per cent); hijacking of accounts or data traffic (47 per cent)
- 30 per cent of IT professionals still consider security is the responsibility of the cloud service provider: this worrying finding negates recommendations that cloud security should follow the mutual responsibility model, in which security is shared by both the cloud provider and the customer
- 59 per cent of IT professionals do not use mobile threat defences: a majority of organisations have not deployed mobile security solutions capable of detecting leading threats including mobile malware, fake or malicious apps, man-in-the-middle attacks and system vulnerabilities
- Only nine per cent of IT professionals consider threats on mobile a significant security risk: yet malware can propagate from unprotected mobile devices to organisations’ cloud- or on-premise networks, exploiting this weak link in enterprise security defences.
“The third instalment of our 2019 Security Report shows just how vulnerable organizations are to attacks targeting their cloud and mobile estates, because there is a lack of awareness of the threats they face and how to mitigate them. As nearly 20 per cent or organisations have experienced a cloud incident in the past year, it’s clear that criminals are looking to exploit these security gaps. By reviewing and highlighting these developments in the report, organisations can get a better understanding of the threats they face, and how they prevent them impacting on their business,” said Zohar Alon, Head of Cloud Product Line, Check Point Software Technologies.
Check Point’s 2019 Security Report is based on data from Check Point’s ThreatCloud intelligence, the largest collaborative network for fighting cyber crime which delivers threat data and attack trends from a global network of threat sensors; from Check Point’s research investigations over the last 12 months; and on a brand new survey of IT professionals and C-level executives that assesses their preparedness for today’s threats.
The report examines the latest emerging threats against various industry sectors, and gives a comprehensive overview of the trends observed in the malware landscape, in emerging data breach vectors, and in nation-state cyber-attacks. It also includes expert analysis from Check Point’s thought leaders, to help organisations understand and prepare themselves for today’s and tomorrow’s complex fifth-generation cyber-attacks and threats.