Three in five execs concerned about public cloud vulnerabilities

Three in five execs concerned about public cloud vulnerabilities

According to a recent report from Radware, 60% of executives are concerned about vulnerabilities in their company public cloud network, so much so that it’s now recognised as a key business driver by the C-Suite.

Radware, a provider of cyber security and application delivery solutions has released the findings of its 2019 C-Suite Perspectives: From defence to offense – executives turn information security into a competitive advantage.

About 73% of the executives indicate they have had unauthorised access to their public cloud assets, most often from an employee neglecting credentials in a development forum or because of hacking.

Some 27% of the executives report that their mobile applications are attacked on a daily or hourly basis.

To combat this companies are using either using their own in-house team to secure their cloud assets or their cloud provider on a roughly 50:50 split. 47% of execs in Europe are also tightening up on permissions by limiting them and using third party cloud native security solutions, and two thirds are using multiple techniques to manage permissions.

The steps are being taken out of necessity as executives that participated in the research said that that the four main business impacts of a security incident were customer loss (45%), brand reputation loss (44%) and revenue loss or operational loss (32% each).

The predominance of cybersecurity as a business issue extends to the board, with a majority (72%) of executives reporting information security is now an agenda item for every board meeting.   

All of this is with good reason, as respondents estimated an average cost per attack of about $4.6M and the proportion of respondents estimating that the total cost of cyberattacks to their organisation is more than $10M nearly doubled from 2018 (7%) to 2019 (13%).  

At the same time, customers want to understand what companies have done to secure their products and services.

75% of executives report that security is a key part of their marketing messages. 50% of companies surveyed offer dedicated security products and services to their customers.

Additionally, 41% offer security features as add-ons within their products and services, and another 7% are considering building security services into their products.

“Because organisations have spent billions digitally transforming themselves over the years to create, faster, easier and more numerous access points to their customers, they have also increased their vulnerability in equal measure,” said Anna Convery-Pelletier, chief marketing officer at Radware.

“This year’s C-Suite Perspectives report shines a spotlight on increased sophistication of management philosophy for information security and security strategy in the cloud and mobile applications. 

“While responsibility for cybersecurity continues to be spearheaded by the CIO and CISO, it is also being shared throughout the entire C-Suite, especially as legislation like GDPR takes hold. 

“Security issues now influence brand reputation, brand trust, and consumer trust, which forces organisations to make a fundamental shift in thinking about the role of security in customer experience, marketing and business operations.”

But while the C-Suite has increased its focus on cybersecurity efforts, companies still have a long way to go to protect themselves.

A majority (70%) of senior executives surveyed in North America and Europe report their company experienced a cyberattack in the prior twelve months, and 75% of surveyed participants in EMEA say their networks are susceptible to cyberattacks.

In addition, Radware’s 2019 C-Suite Perspectives revealed:

  • Data breaches are most common in Europe, despite GDPR regulations. 74% of European executives report they have experienced a data breach in the past 12 months, compared to 53% in America and 44% in APAC. Half (52%) of executives in Europe have experienced a self-reported incident under GDPR in the past year.
  • Customers increasingly take action following a breach. Following a data breach, survey participants report an average churn of 30% of customers. They estimate the average investment to win a customer back at almost $100,000.
  • Bots continue to impact bottom-line business. Executives are discussing bots in their board management meetings. 53% say they’ve encountered reduced website revenue due to inventory hold-ups by bots, 51% report bots skewing marketing analytics, and 36% have talked about abuse of user accounts of payment information.
  • Investments in machine learning and AI are growing. The majority of respondents (82%) have shifted more budget into machine learning/AI over the past two years. This represents a continued focus on automation as just 71% said the same in 2018.  Individual regions report allocating an average of 37% of their security budget toward AI security systems (Americas 49%, EMEA 30%, and APAC 31%).

The report provides a detailed analysis of the views and insights from 263 senior leaders at organisations primarily with revenue in excess of $1 billion USD/EUR/GBP around the world.

Respondents this year represent the following vertical markets: 30% financial services, 21% retail/hospitality, 21% telecom/service provider, 7% manufacturing/distribution, 7% computer products/services, 6% business services/consulting, and 9% other.