New Research from Illumio Shows Nearly Half of All Data Breaches Originate in the Cloud, Costing Organizations $4.1 Million on Average

Sunnyvale, California – November 14, 2023 – Illumio, Inc., the Zero Trust Segmentation company, today released the Cloud Security Index: Redefine Cloud Security with Zero Trust Segmentation, that presents the findings of global research into the current state of cloud security, the impact of cloud breaches, and why traditional cloud security technologies fail to keep organizations secure in the cloud.  

Vanson Bourne, an independent research firm, surveyed 1,600 IT and security decision makers across nine countries and found that cloud risks are only getting worse, traditional cloud security tools are falling short, and Zero Trust Segmentation (ZTS) is essential for the modern landscape.  

Key findings include:

• Traditional cloud security is failing the modern enterprise: In the last year, nearly half of all data breaches (47 percent) originated in the cloud, and more than 6 in 10 respondents believe cloud security is lacking and poses a severe risk to their business operations.  
• Cloud breaches cost organizations millions each year: The average organization who suffered a cloud breach last year lost nearly $4.1 million, yet 26 percent are operating under the assumption that breaches are not inevitable, posing serious risks to the business and its customers.
• Zero Trust Segmentation is critical for cloud resilience: 97 percent believe ZTS can greatly improve their organization’s cloud security strategy because it improves digital trust (61 percent), ensures business continuity (59 percent), and bolsters cyber resilience (61 percent).  

Cloud concerns are pervasive in today’s complex, hybrid world

As organizations take their most sensitive data to the cloud, they face increased complexity and risk. 98 percent of organizations store their most sensitive data in the cloud, including financial information, business intelligence, and customer or employee personally identifiable information (PII). Yet, over 9 in 10 are concerned that unnecessary or unauthorized connectivity between cloud services increases their likelihood of a breach.

According to the research, the main threats to organizations’ cloud security are: workloads and data overlapping traditional boundaries (43 percent); a lack of understanding of the division of responsibility between cloud providers and vendors (41 percent); social engineering attacks (36 percent); a lack of visibility across multi-cloud deployments (32 percent); and rising malware and ransomware attacks (32 percent).

Where traditional cloud security tools fall short

Respondents overwhelmingly believe their organization’s current approach to cloud security creates severe risks:  

• 95 percent say they need better visibility of connectivity with third party software.  
• This lack of visibility is impacting organizations' ability to respond to attacks, with 95 percent saying they need to improve their reaction time to cloud breaches.  

Respondents worry about the business repercussions of a cloud breach – their top three concerns being:  

• Reputational damage and loss of public trust (39 percent); loss of sensitive data (36 percent); and a loss of revenue generating services (35 percent).

Zero Trust Segmentation is a Non-Negotiable for Cloud Security

93 percent of IT and security decision makers believe that segmentation of critical assets is a necessary step to secure cloud-based projects. Additionally, organizations with dedicated microsegmentation technology were less likely to have suffered a cloud breach in the last year (35 percent) than those without it (43 percent). And ZTS addresses organizations’ visibility and security concerns by:  

• Continuously monitoring the connectivity between cloud applications, data, and workloads (55 percent); minimizing the reach and impact of an attack by containing its spread (51 percent); and offering insights into unnecessary connectivity that could be leading to increased vulnerability (45 percent).

“Because cloud environments are dynamic and interconnected, they’re increasingly challenging for security teams to navigate with legacy solutions,” said John Kindervag, Chief Evangelist at Illumio. “Organizations need modern security approaches that offer them real-time visibility and containment by default to mitigate risk and optimize opportunities afforded by the cloud. I’m optimistic that nearly every security team is prioritizing improving cloud security in the months ahead, and that they see solutions like ZTS as an essential piece of their Zero Trust journey.”  

Today, Illumio also introduced the industry’s most complete Zero Trust Segmentation platform with the addition of CloudSecure, designed to help security teams address the most pressing cybersecurity challenges they’re facing across hybrid and multi-cloud environments, endpoints, and data centers. lllumio's ZTS platform visualizes the connections happening across an organization’s entire environment. Illumio ZTS also makes it simple for security teams to prioritize and write their microsegmentation policy to stop attacks from spreading throughout their environment to reach critical assets and data, reducing risk and building resilience.  

To learn more about Illumio CloudSecure visit: https://www.illumio.com/products/illumio-cloudsecure. Read the full Cloud Security Index: Redefine Cloud Security with Zero Trust Segmentation here: http://www.illumio.com/resource-center/cloud-security-index-2023.  

Research Methodology

In September 2023, Illumio commissioned Vanson Bourne to conduct a 1,600-person global study of IT and security decision makers on the current state of cloud security and the impact of segmentations. The findings incorporate sentiment from senior information security and IT professionals across the US, UK, France, Germany, Australia, Japan, Singapore, Saudi Arabia, and the UAE.  

About Illumio 

Illumio, the Zero Trust Segmentation Company, stops breaches and ransomware from spreading across the hybrid attack surface. The Illumio ZTS Platform visualizes all traffic flows between workloads, devices, and the internet, automatically sets granular segmentation policies to control communications, and isolates high-value assets and compromised systems proactively or in response to active attacks. Illumio protects organizations of all sizes, from Fortune 100 to small business, by stopping breaches and ransomware in minutes, saving millions of dollars in application downtime, and accelerating cloud and digital transformation projects.  

Contact Information

[email protected]

About Vanson Bourne

Vanson Bourne is an independent specialist in market research for the technology sector. Their reputation for robust and credible research-based analysis is founded upon rigorous research principles and their ability to seek the opinions of senior decision makers across technical and business functions, in all business sectors and all major markets. For more information, visit www.vansdeconbourne.com.