| Title | Cloud Threats Top Execs' List Of Cyber Nightmares | |
| Date | Thursday October 03 2024, @09:18PM | |
| Author | hubie | |
| Topic | ||
| from the penny-finally-drops dept. | ||
Arthur T Knackerbracket has processed the following story:
Efficiency and scalability are key benefits of enterprise cloud computing, but they come at a cost. Security threats specific to cloud environments are the leading cause of concern among top executives and they're also the ones organizations are least prepared to address.
That's according to PwC's latest cybersecurity report, released today, which showed that cloud threats are the biggest security concern for most (42 percent) business leaders.
The top five threats, according to PwC's 4,020 respondents, comprise hack and leak operations (38 percent), third-party breaches (35 percent), attacks on connected products (33 percent), and ransomware (27 percent).
If you've just read that and questioned why ransomware is so low on the list, you might be a CISO. The level of concern about ransomware jumped to 42 percent when analyzing responses from CISOs alone.
[...] All the threats that feature in execs' top five deemed "most concerning" are perhaps unsurprisingly also the same as the threats organizations feel least prepared to address, although not quite in the same order.
[...] Of course, it wouldn't be a cybersecurity report in 2024 unless AI got its moment in the spotlight.
Despite generative AI being used for good in many cases, and the majority (78 percent) increasing their investment in the tech in the past year, it's the primary contributor to the widening attack surface faced by organizations.
More than two-thirds of respondents (67 percent) said genAI increased their susceptibility to attacks "slightly" or "significantly" – the most significant factor of any in the past year, although cloud was only narrowly behind at 66 percent.
As a force for good, however, generative AI is being deployed widely across global organizations, supporting key cybersecurity functions such as threat detection and response, and threat intelligence.
"Cybersecurity is predominantly a data science problem," said Mike Elmore, global CISO at GSK. "It's becoming imperative for cyber defenders to leverage the power of generative AI and machine learning to get closer to the data to drive timely and actionable insights that matter the most."
Shockingly, PwC also found that business leaders who have regulatory and legal requirements to improve security do just that.
Indeed, 96 percent said regulations prompted an organization to improve its security, while 78 percent said the same regs have challenged, improved, or increased their security posture.
[...] "Organizations that embrace regulatory requirements tend to benefit from stronger security frameworks and a more robust posture against emerging threats," read PwC's report. "Compliance shouldn't be viewed as a box-ticking exercise but as an opportunity to build long-term resilience and trust with stakeholders."
These new regulations have also ushered in new investment into cybersecurity. Roughly a third of organizations (32 percent) said cyber investment increased to a "large extent" in the past 12 months. 37 percent said investment increased to a "moderate extent," while 14 percent said the increase in investment was "significant."
| Links |
printed from SoylentNews, Cloud Threats Top Execs' List Of Cyber Nightmares on 2025-07-12 07:57:57