IT Support
New Cloud Security Alliance Survey Finds SaaS Security Has Become A Top Priority For 80% Of Organizations
By Business Wire
Share
More than half of security executives experienced a SaaS security incident in the past two years
NATIONAL HARBOR, Md.--(BUSINESS WIRE)--#SSPM--Gartner Security and Risk Management Summit – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released the findings of its latest survey, SaaS Security Survey Report: 2024 Plans & Priorities. Commissioned by Adaptive Shield, the leading SaaS Security Posture Management (SSPM) company, the survey gathered responses from 1,000-plus C-level security executives and professionals from all over the world, with the majority from North American enterprises.
“Many recent breaches and data leaks have been tied back to SaaS apps. We wanted to gain a deeper understanding of the incidents within SaaS applications and how organizations are building their threat prevention and detection models to secure their SaaS ecosystem,” said Hillary Baron, lead author and Senior Technical Director for Research, Cloud Security Alliance. “This explains why 71% of respondents are prioritizing their investment in security tools for SaaS, most notably turning to SaaS Security Posture Management (SSPM) as the solution to secure their entire SaaS stack.”
“The attack surface in the SaaS ecosystem is widening, and just as you would secure a cloud infrastructure with Cloud Security Posture Management, organizations should secure their SaaS data and prioritize SaaS security,” asserts Maor Bin, CEO and co-founder of Adaptive Shield. “In last year’s survey, 17% of respondents said they were using SSPM. This year that figure has soared, with 80% currently using or planning to use an SSPM by the end of 2024. This dramatic growth is fueled by the fact that 55% of organizations stated they recently experienced a SaaS security incident, which resulted in ransomware, malware, data breaches, and more. Threat prevention and detection in SaaS is critical to a robust cybersecurity strategy spanning SaaS Misconfigurations, Identity and Access Governance, SaaS-to-SaaS Access, Device-to-SaaS Risk Management, and Identity Threat Detection & Response (ITDR).”
Among the survey’s key findings:
- Current SaaS security strategies and methodologies don’t go far enough: More than half (58%) of organizations estimate their current SaaS security solutions only cover 50% or less of their SaaS applications. This gap cannot be filled using manual audits and cloud access security brokers (CASB), which are not enough to protect companies from SaaS security incidents.
- Investment in SaaS and SaaS security resources are drastically increasing: 66% of organizations have increased their investment in SaaS apps, with 71% increasing their investment in security tools to protect these business-critical apps. This can be attributed to the fact that SaaS Security Posture Management (SSPM) provides coverage in areas where other methods have fallen short.
- Stakeholder spread in securing SaaS apps: CISOs and security managers are shifting from being controllers to governors as the ownership of SaaS apps is spread out through the different departments of their organization.
- How organizations are prioritizing policies and processes for their entire SaaS security ecosystem: Organizations are expanding their SaaS security to address a broad range of concerns in the SaaS ecosystem, including SaaS-to-SaaS Access, Device-to-SaaS Risk Management, Identity, and Access Governance, and ITDR, etc. Companies recognize the importance of human capital in safeguarding the SaaS ecosystem, but more is needed: While 68% of organizations are ramping up investments in hiring and training staff on SaaS security, only 51% have established communication and collaboration between security and app owner teams, and an abysmal 33% currently monitoring less than half of their SaaS stack.
- More focus must be dedicated to device hygiene: Ensuring the security of devices that access the SaaS stack is critical for preventing unauthorized access and data breaches. Despite this, only 54% of organizations check device hygiene for SaaS privileged users, 47% inspect the device hygiene of all SaaS users, and just 42% identify unmanaged devices accessing the SaaS stack.
The survey gathered more than 1,000 responses from IT and security professionals from various organization sizes, industries, locations, and roles. Sponsors are CSA Corporate Members who support the research project’s findings but have no added influence on the content development or editing rights of CSA research.
To review the complete 2023 State of SaaS Security report, please visit https://cloudsecurityalliance.org/artifacts/state-of-saas-security-2023-survey-report/.
About Adaptive Shield
Adaptive Shield, leader in SaaS Security, enables security teams to secure their entire SaaS stack through threat prevention, detection and response. With Adaptive Shield, organizations continuously manage and control all SaaS and 3rd-party connected apps, as well as govern all SaaS users and risks associated with their devices. Founded by Maor Bin and Jony Shlomoff, Adaptive Shield works with many Fortune 500 enterprises and has been named Gartner® Cool Vendor™ 2022. For more information, visit us at www.adaptive-shield.com or follow us on LinkedIn.
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.
Media
Doug Fraim, Guyer Group
doug@guyergroup.com
Kristina Rundquist
ZAG Communications for CSA
kristina@zagcommunications.com
First published on Mon, Jun 5, 2023
Enjoyed what you've read so far? Great news - there's more to explore!
Stay up to date with the latest news, a vast collection of tech articles including introductory guides, product reviews, trends and more, thought-provoking interviews, hottest AI blogs and entertaining tech memes.
Plus, get access to branded insights such as informative white papers, intriguing case studies, in-depth reports, enlightening videos and exciting events and webinars from industry-leading global brands.
Dive into TechDogs' treasure trove today and Know Your World of technology!
Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. All information / content found on TechDogs' site may not necessarily be reviewed by individuals with the expertise to validate its completeness, accuracy and reliability.
Tags:
Related News on IT Support
i3 Verticals Reports First Quarter 2023 Financial Results
Thu, Feb 9, 2023
By Business Wire
Alight Reports Fourth Quarter and Full Year 2022 Results
Wed, Feb 22, 2023
By Business Wire
Alight Announces Upsize And Pricing Of Secondary Offering
Thu, Mar 2, 2023
By Business Wire
Zuora Expands India Footprint With New Office In Chennai
Fri, Mar 10, 2023
By Business Wire
Tavant Propels Proptech Into A New Era With Next-Gen Solutions
Tue, Mar 7, 2023
By TechDogs
Nyriad Spotlighted In The 2023 CRN Partner Program Guide
Tue, Mar 28, 2023
By Business Wire
Factor Celebrates 10-Year Anniversary By Hiring First CEO
Wed, Apr 5, 2023
By Business Wire
BizAnalytica Achieves Snowflake Service Ready Validation
Thu, Apr 27, 2023
By Business Wire
Joseph Reece Appointed Chairman Of NCR Board Of Directors
Thu, May 4, 2023
By Business Wire
ISACA Introduces New Google Cloud Platform Audit Program
Thu, Jul 20, 2023
By Business Wire
SHI Achieves New Tool Verification Status For Oracle JAVA
Thu, Aug 3, 2023
By Business Wire
Cloudflare Announces Third Quarter 2023 Financial Results
Fri, Nov 3, 2023
By Business Wire
Splashtop Wins The SDC "Security Vendor Of The Year Award
Wed, Dec 6, 2023
By Business Wire
Pivotree To Release First Quarter 2024 Financial Results
Thu, Apr 25, 2024
By Business Wire
Join The Discussion