CloudLock's Q2 2016 Cybersecurity Report and Cloud App Risk Index Reveals 27% of Cloud Apps Are Risky

CloudLock CyberLab Uncovers Exponential Explosion of Third-Party Risky Cloud Apps

Marketwired

Mon, Jun 13, 2016, 9:00 AM

NATIONAL HARBOR, MD--(Marketwired - Jun 13, 2016) - Gartner Security & Risk Management Summit, Booth #451 - The CloudLock CyberLab, CloudLock's security intelligence arm, today released its Q2 2016 Cloud Cybersecurity Report: The Explosion of Apps: 27% are Risky. Based on analysis across 10 million users, 1 billion files, and nearly 160,000 unique applications, the report focuses on one of the riskiest attack vectors in the cloud: connected third party cloud apps.

As more and more organizations adopt cloud platforms, new Shadow IT risk vectors are coming into play in the form of connected third-party apps. These apps (and by extension, their vendors) are authorized using corporate credentials, have programmatic (API) access to corporate data on multiple SaaS platforms via OAuth connections, and can act on behalf of users to access, delete, store, externalize and exfiltrate data.

Key findings:

30x Increase in Connected Apps
The shadow IT dilemma is only becoming more challenging as usage is increasing exponentially year over year. From 2014 to 2016, we've seen nearly a 30x increase in apps from 5,500 to nearly 160,000. Each application instance represents a backdoor through which hackers can infiltrate and externalize sensitive corporate assets.

27% of Apps Connected to Corporate Environments Are High Risk
Measuring risk by a combination of access scopes, community-sourced ratings, and expert-driven analytics, the CloudLock CyberLab found that 27% of third-party apps are classified as high risk through which cybercriminals could gain programmatic access to corporate platforms impersonating end users.

More than Half of Apps Are Banned Due to Security-Related Concerns
An organization may embrace its employees' 'shadow' exploration of innovative technology solutions and sanction a subset of these apps as Productivity IT, but it's essential to closely monitor the connected third-party apps and identify cloud native malware in real time. Security conscious enterprises recognize the high risk associated with connected third-party apps and take immediate action. While apps can be banned for any number of reasons, including concerns around productivity, a clear majority are banned because of the security vulnerabilities they introduce.

Key Recommendation: Reduce Cloud App Risk by Establishing an Acceptable Use Policy
By enacting a high-level strategy, coupled with an Acceptable Application Use Policy, organizations can significantly reduce the application risk level organization-wide. Automating whitelisting or banning of potentially risky applications is an effective strategy. One of CloudLock's customers auto-revokes any app labeled as high risk unless it has been whitelisted based on CloudLock Cloud Application Risk Index (CARI), effectively reducing the unique number of apps by 34%, significantly decreasing the associated risk level. CARI is the industry's first application risk index that relies on trust ratings from over 750 organizations' IT security teams, as well as application access scopes and research-based vulnerability intelligence.

"The shift to the cloud creates a new, virtual security perimeter that includes third-party apps granted access to corporate systems," says CloudLock Director of Customer Insights and Analytics Ayse Kaya Firat. "Today, most employees leverage a wide variety of apps to get their jobs done efficiently, unwittingly exposing corporate data and systems to malware and the possibility of data theft." CloudLock's report shares critical data to help organizations understand the exponential growth of this new risk vector as well as the associated risk and how security conscious enterprises are taking action.

To download the full report, please visit: The Explosion of Apps: 27% are Risky.

About CloudLock's CyberLab
CloudLock is the only security vendor uniquely combining U.S. and Israeli Military Intelligence with real-time, crowdsourced cloud security insight. CloudLock continuously monitors over one billion files daily across more than 10 million users. Security professionals feed into CloudLock's unique security insight through peer-driven, crowdsourced Community Trust Ratings™. This intelligence allows organizations to immediately respond to emerging cloud cyber threats and risky apps.

About CloudLock
CloudLock is the cloud-native CASB and Cloud Cybersecurity Platform that helps organizations securely leverage cloud apps they buy and build. CloudLock delivers security visibility and control for SaaS, IaaS, PaaS and IDaaS environments across the entire enterprise in seconds. Founded by Israeli Elite Cybersecurity Military Intelligence experts, the company delivers actionable cybersecurity intelligence through its data scientist-led CyberLab and crowdsourced security analytics across billions of data points daily. CloudLock has been recognized by Inc. Magazine as the fastest growing security product company in the U.S. and by Glassdoor as one of the top 3 best places to work in the U.S. Learn more at www.cloudlock.com.

Suze Orman Decided To Drop Homeowners Insurance After An Outrageous Quote: '$28,000 For A 2,100-Square-Foot Condo. Are You Kidding Me?'
Finance expert Suze Orman has voiced concerns about the impact of climate change on property insurance costs, asserting it could threaten the American dream of homeownership. Orman, 72, faced a $28,000 annual insurance quote for her Florida oceanside condo, leading her to forego coverage entirely. She highlights a troubling trend where soaring insurance costs driven by frequent and severe weather events may deter Americans from buying homes. Don't Miss: For many first-time buyers, a house is abo
Benzinga•17h ago
Cathie Wood's Ark Empire Bleeds As Investor Outflows Spike: 'The Loyal Shareholders Have Become Frustrated'
In early 2021, Ark Invest, led by tech investor Cathie Wood, managed a staggering $59 billion across six funds, making it the world’s largest active ETF manager. Three years later, a significant 80% downturn occurred, with assets under management in those funds plummeting to just $11.1 billion. This decline can be attributed to a combination of factors, including high interest rates dampening Wood’s long-term speculative tech investments and the subsequent wave of outflows from disillusioned inv
Benzinga•15h ago
Forget Bank of America; Buy This Magnificent Bank Stock Instead
This up-and-coming digital bank is ready to start generating outsized profits.
Motley Fool•2h ago
The IRS says it’s going after wealthy tax cheats. Here’s what new audit stats show.
After Congress approved billions of extra funding for tax compliance, the Internal Revenue Service pledged it would get tougher on rich taxpayers and corporations while avoiding extra scrutiny of middle-class households.
MarketWatch•20h ago
JPMorgan’s ‘Bloody Friday’: Why Several Top Financial Advisors Jumped Ship the Same Day
Six teams managing nearly $15 billion in total assets quit JPMorgan Chase’s brokerage unit to join competitors last Friday. Here’s what may have triggered their departures.
Barrons.com•16h ago
On a crucial earnings call, Musk reminds the world Tesla is a tech company. ‘Even if I’m kidnapped by aliens tomorrow, Tesla will solve autonomy’
After a dismal quarter for Tesla, CEO Elon Musk tried to reassure investors the company’s real value was its effort to perfect self-driving cars.
Fortune•9h ago
Forget Nvidia: Billionaires Are Selling It and Buying These 2 High-Octane Artificial Intelligence (AI) Growth Stocks Instead
Billionaire investors are ditching the "infrastructure backbone" of the artificial intelligence (AI) revolution in favor of two industry-leading, irreplaceable AI stocks.
Motley Fool•1d ago
3 Super-Safe Stocks That Could Reach 70 Consecutive Years of Dividend Raises By 2032
When it comes to reliable passive income, these three dividend-paying companies are best in breed.
Motley Fool•1d ago
Oracle to Move Headquarters Again, This Time to Nashville
CEO Larry Ellison said the relocation will help the company better integrate with the healthcare industry.
The Wall Street Journal•10h ago
Ex-Googler and Palestinian-American fired for opposing Project Nimbus speaks out: ‘This was not my idea of what the American workplace should be’
Several fired Google employees spoke at a press conference Monday about their experiences.
Fortune•19h ago

News

Life

Entertainment

Finance

Sports

New on Yahoo

Yahoo Finance

CloudLock's Q2 2016 Cybersecurity Report and Cloud App Risk Index Reveals 27% of Cloud Apps Are Risky

CloudLock CyberLab Uncovers Exponential Explosion of Third-Party Risky Cloud Apps

Recommended Stories

Suze Orman Decided To Drop Homeowners Insurance After An Outrageous Quote: '$28,000 For A 2,100-Square-Foot Condo. Are You Kidding Me?'

Cathie Wood's Ark Empire Bleeds As Investor Outflows Spike: 'The Loyal Shareholders Have Become Frustrated'

Forget Bank of America; Buy This Magnificent Bank Stock Instead

The IRS says it’s going after wealthy tax cheats. Here’s what new audit stats show.

JPMorgan’s ‘Bloody Friday’: Why Several Top Financial Advisors Jumped Ship the Same Day

On a crucial earnings call, Musk reminds the world Tesla is a tech company. ‘Even if I’m kidnapped by aliens tomorrow, Tesla will solve autonomy’

Forget Nvidia: Billionaires Are Selling It and Buying These 2 High-Octane Artificial Intelligence (AI) Growth Stocks Instead

3 Super-Safe Stocks That Could Reach 70 Consecutive Years of Dividend Raises By 2032

Oracle to Move Headquarters Again, This Time to Nashville

Ex-Googler and Palestinian-American fired for opposing Project Nimbus speaks out: ‘This was not my idea of what the American workplace should be’