The Biggest Threats to Cloud Security in 2023 [Backed by Research]

While most organizations have enough to worry about when it comes to keeping the lights on, CIOs are facing the increasing challenge of creating a more agile business while defending it from the growing armada of threats.

To better understand this security landscape, we asked 200 IT professionals responsible for cloud security in their organization about the biggest threats to cloud this year.

What are your main cloud security concerns this year?

Cybersecurity remains a top priority for most CIOs, but as IT departments move from legacy on-premises infrastructure to the cloud, what security concerns do IT leaders share?

• Staying up to date with relevant regulations: While most businesses share similar concerns when it comes to cloud security, 1 in 2 cloud security professionals (53%) aren’t sure if they’re keeping up to date with relevant regulations.
• Internal cybersecurity incidents: From unintentional threats caused by negligent staff to former disgruntled employees stealing and exposing sensitive data, half of our survey participants (51.5%) are concerned about internal security.
• Data sovereignty/residency/control: In an increasingly politicized world, data sovereignty/residency/control issues affecting data are high on the agenda, with 49.5% of respondents citing it as a key concern.
• Managing data in multi-cloud environments: Of those leveraging a multi-cloud environment, managing the data is a concern for 45.5% of IT professionals.
• Accidental exposure of credentials and data loss/leakage: Just under 35% of survey participants are concerned about data loss/leakage and the accidental exposure of credentials.

What are the biggest security threats facing your organization today?

With so many security risks in the cloud, our survey respondents were asked to select their biggest threats.

1. Cloud account hijacking

45% of IT professionals cited cloud account hijacking as their top threat, making multi-factor authentication (MFA) all the more important.

2. Cloud misconfiguration

35.5% of respondents are worried about the threat of misconfigured cloud services – a key issue if migration is a main focus for the coming year.

3. Insecure APIs/UIs

Firms can often have hundreds of APIs in operation with minimal oversight of access or data passing through, and one insecurity can lead to a sizeable breach, which would explain why this is a key concern for 34.5% of respondents.

4. Weak control planes

34% are concerned about weak control planes that put a business at risk of not being in control of their infrastructure logic, security or verification processes.

5. The workforce

28% of respondents consider their workforce to be a major security threat to the business, something only solid onboarding, regular training and testing around key security issues can solve.

Access The State of Cloud Security Analyst Report

For more detailed insights into the current state of cloud security, including, what cloud deployment currently looks like, which tools are being used by IT professionals and which vendors provide the best defense, download the report today.