Cloud misconfigurations are considered a data security risk by 95% of IT decision makers in the UK, according to a new study from Trend Micro. The findings highlight how human error is a major cause of organizations’ compliance problems and is obstructing their digital transformation.
Of those who regard cloud misconfiguration as a risk, 41% said it is a “great risk.” For those working in B2C, this rose to 57%, and in administrative or technical roles, 52%.
Nearly two-thirds (62%) of IT decision makers said they are extremely or very concerned about the legal and regulatory compliance implications of cloud threats like misconfiguration, and 27% stated they had experienced such an incident over the past year.
The most common forms of misconfiguration errors include leaving an unencrypted data store exposed to the public internet without any form of authentication required to access it, exposing data to all global users of the same cloud platform and leaving encryption keys and passwords in open repositories.
This provides cyber-criminals with opportunities to undertake nefarious activities such as stealing and ransoming data and installing malicious digital skimming…
