Criminals are increasingly targeting the cloud and mobile environments of businesses because they're the least protected infrastructure, Check Point has revealed.
The insights are backed up by evidence in the form of the cyber security company's 2019 Security Report, with almost a fifth of businesses having experienced a security incident over the last 12 months, including data leaks and breaches and malware.
"The third installment of our 2019 Security Report shows just how vulnerable organizations are to attacks targeting their cloud and mobile estates, because there is a lack of awareness of the threats they face and how to mitigate them," said Zohar Alon, head of cloud product line at Check Point Software Technologies. "As nearly 20% or organizations have experienced a cloud incident in the past year, it's clear that criminals are looking to exploit these security gaps."
The reason so many businesses are being targeted is because 30% feel it's the responsibility of their cloud provider to protect them against threats and this means they're not sufficiently protecting their cloud infrastructure. However, it's widely recommended by cloud providers that this duty to protect a cloud environment is shared between the provider and the customer.
The most prevalent threats in the cloud are misconfiguration of cloud platforms, which was highlighted by 62% of businesses, with unauthorised access to cloud platforms cited as a problem by 55% of IT professionals. Those questioned also said insecure interfaces and APIs were a big problem in their organisation.
Mobile environments are also more at risk because businesses are failing to use mobile defences to protect their infrastructure, whether that's by implementing malware detection or monitoring the usage of devices for system vulnerabilities.
In fact, less than 10% of IT professionals thought mobile threats presented a significant risk to their business, failing to recognise that malware can very easily propagate between mobile devices on a central network.
"By reviewing and highlighting these developments in the Report, organizations can get a better understanding of the threats they face, and how they prevent them impacting on their business," Alon said.
-
What to look out for at RSAC Conference 2025Analysis Convincing attendees that AI can revolutionize security will be the first point of order at next week’s RSA Conference – but traditional threats will be a constant undercurrent
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reportedNews Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.
