A hybrid cloud makes a lot of sense for most modern businesses. By stacking all your IT “building blocks” — services and infrastructure hosted on-premises or in your private and public cloud environments — together into one architecture, you get the best of both worlds.
The benefits of a unified, hybrid cloud are many: flexibility to quickly scale technology projects up and down, agility to adopt new solutions quickly and cost-efficiency through resource optimization, to name a few. In fact, companies derive up to 2.5 times the value from hybrid cloud that they derive from a single-cloud, single-vendor model, according to recent IBM research. But if your approach to cloud security isn’t equally cohesive, risks can escalate quickly across these huge, interconnected environments.
Since the start of the pandemic and rise in remote work, 60% of organizations have moved further into cloud-based activities. During this period of drastic operational shifts, the average cost of a data breach reached $4.24 million per incident — the highest recorded cost to date. We dug into IBM’s latest Cost of a Data Breach report to explore the security implications of this sustained push to the cloud. Here are five takeaways for organizations as they adopt hybrid cloud models to enable their business and deliver the digital experiences customers have come to expect:
1. Cloud breaches begin with compromised credentials
Unsurprisingly, the study found stolen credentials were the most common root cause of breaches. Breaches stemming from compromised credentials took the longest to detect: an average of 250 days.
With time on the attacker’s side — coupled with the fact that 82% of surveyed individuals admit to reusing credentials and passwords across accounts — just think how easy it is for an attacker to unlock a “door” on-premises or in the cloud, then move laterally and escalate privileges across a hybrid environment to reach their goals. For instance, by compromising one over-permissioned cloud identity through credential theft, a bad actor could compromise critical infrastructure or escalate their privileges to steal cloud-hosted data or disrupt high-value applications.
2. Attackers covet sensitive customer PII data
There are many ways of measuring cost-of-breach damages. Some forms of data loss are costlier to remediate when compromised, so defenders must be cognizant of which sensitive assets to prioritize to minimize damage. For instance, the loss of customer personally identifiable information (PII) was the most expensive compared to other types of data, at $180 per lost or stolen record versus an overall average of $161 per record.
3. On-premises-to-cloud and cloud-to-cloud migrations require careful planning
The study found that companies experiencing a breach during a cloud migration project faced an average of 18.8% higher costs. Whether you’re migrating data, applications or systems from an on-premises datacenter to the cloud, or you’re shifting workloads from one public cloud provider to another, don’t rush the process or cut security corners. From investing in monitoring to implementing least privilege access, careful preparation for a safe and secure transition is a must.
4. Automate everywhere to scale cloud defenses and save on costs
Attackers are using automation to pinpoint identity-related vulnerabilities in cloud environments, especially overly permissive resource misconfigurations and over-permissioned identities, to get more done without much effort. Security teams that are scaling defenses to fight automation with automation are finding success: organizations that have adopted artificial intelligence (AI), security analytics and encryption have saved between $1.25 million and $1.49 million compared to those who did not have significant usage of these tools. The study found about 65% of companies are partially or fully deploying automation within their security environments, compared to 52% two years ago.
5. Minimize data breach impact by consistently enforcing least privilege
The good news is more companies are getting on board with modern Identity Security tactics, such as AI-powered threat detection, behavioral analytics and the adoption of Zero Trust models. Companies with a mature Zero Trust strategy had an average data breach cost of $3.28 million — $1.76 million lower than those without one. This “trust nothing; verify everything” philosophy is also helping companies address one of the top-cited cloud security challenges today: the countless identities with misconfigured or unused cloud Identity and Access Management (IAM) permissions hidden throughout hybrid cloud environments.
As organizations rapidly scale cloud deployments and adopt advanced services to digitally transform their business, the creation of human, application and machine identities is accelerating. Access permissions for these identities are often granted based on group or role, resulting in too many identities having unused or unnecessary permissions. By using AI-powered monitoring and detection capabilities, companies can consistently enforce least privilege principles across their hybrid cloud environments by removing excessive permissions, significantly reducing risk and improving overall visibility and security.
The Zero Trust Bottom Line
Assume your enterprise has been breached. Period. The IBM report points out that it may take months to discover. At CyberArk, we believe a comprehensive least privilege, Zero Trust approach can help close that window and minimize an attack’s “blast radius” by unmasking attackers quickly and stopping them from accessing hybrid cloud resources. Applying modern security tactics like AI and automation can also cut time-to-detection significantly and reduce breach costs.
One final set of numbers: The IBM study broke down the average breach cost of $4.24 million into four categories: lost business ($1.59 million), detection and escalation costs ($1.24 million), post-breach response ($1.14 million) and notification ($0.27 million).
With average breach costs spiking 10 to 20% higher than costs suffered by companies with Zero Trust strategies, can organizations really afford the price of inaction? Don’t wait to find out. By positioning identity at the heart of your security strategy, your organization can move forward with confidence, knowing your most critical assets are secure.