News Highlights:
· External attacks on
cloud accounts grew 630 percent from January to April
· Overall enterprise use of
cloud services increased by 50 percent over the same period
· Cisco WebEx, Zoom,
Microsoft Teams and Slack saw an increase of up to 600 percent in usage, led by
the education sector, over the same period
McAfee, the device-to-cloud
cybersecurity company, today released a new research study titled ‘Cloud
Adoption & Risk Report – Work-from-Home Edition’. The report uncovers a
correlation between the increased use of cloud services and collaboration
tools, such as Cisco WebEx, Zoom, Microsoft Teams and
Slack during the COVID-19 pandemic, along with an increase in
cyber-attacks targeting the cloud. Based on anonymized and
aggregated data from more than 30 million McAfee MVISION Cloud users worldwide
between January and April, the report reveals significant and potentially long-lasting trends that
include an increase in the use of cloud services, access from unmanaged
devices and the rise of cloud-native threats. These trends emphasize the need for new
security delivery models in the distributed work-from-home
environment of today–and likely the future.
In the time
surveyed, overall enterprise adoption of cloud services spiked by 50
percent, including industries such as manufacturing and financial
services that typically rely on
legacy on-premises applications, networking and security more than
others. Use of cloud collaboration tools increased by up
to 600 percent, with the education sector seeing the most
growth as more students are required to adopt distance learning practices.
Threat events from external
actors increased by 630 percent over the same
period. Most of these external attacks targeted collaboration
services like Microsoft 365, and were large-scale attempts to access cloud
accounts with stolen credentials. Insider threats remained the same,
indicating that working from home has not negatively influenced employee
loyalty. Access to the cloud by unmanaged, personal devices doubled,
adding another layer of risk for security professionals working to keep their
data secure in the cloud.
With cloud-native
threats increasing in step with cloud adoption, all industries
need to evaluate their security posture to protect against account takeover and
data exfiltration. Companies need to safeguard against threat actors
attempting to exploit weaknesses in their cloud deployments. Tips to
maintain strong security posture include:
· Think cloud-first: A
cloud-centric security mindset can support the increase in cloud
use and combat cloud-native threats. Enterprises need to
shift their focus to data in the cloud and to cloud-native
security services so they can maintain full visibility and control with a
remote, distributed workforce.
· Consider your
network: Remote work reduces the ability for hub and spoke networking to
work effectively with scale. Network controls should be
cloud-delivered and should connect remote users directly to the cloud
services they need.
· Consolidate and
reduce complexity: Cloud-delivered network security and cloud-native data
security should smoothly interoperate, ideally be consolidated to
reduce complexity and total cost of ownership and increase
security effectiveness and responsiveness.
Report Methodology:
For the Cloud Adoption & Risk
Report – Work from Home Edition, McAfee aggregated, anonymized
MVISION Cloud usage data for more than 30 million McAfee MVISION Cloud users
worldwide who collectively generate billions of unique transactions and policy
events in the cloud each day.
This data set collected between
January and April 2020, represents companies across all major industries
across the globe, including financial services, healthcare, public sector,
education, retail, technology, manufacturing, energy, utilities, legal, real estate,
transportation and business services.
Additional Resources:
· Cloud Adoption & Risk Report – Work from
Home Edition