UK cloud security incidents are being blamed on a lack of trained IT staff, a lack of budget and cloud complexity.

Cyber security vendor Netwrix commissioned research among around 950 IT professionals worldwide who use private and public cloud services to store their data.

The report revealed the most common types of cloud security incidents suffered by UK organisations in 2020 were phishing (52 per cent), ransomware or other malware (23 per cent) and account compromise (21 per cent).

The top three consequences of data breaches were unplanned expenses to fix security gaps (36 per cent), customer churn (14 per cent) and a decrease in new sales (12 per cent).

Respondents from the UK complained that a lack of IT staff (63 per cent), a lack of budget (51 per cent) and the complexity of cloud workloads (50 per cent) hindered security teams from properly securing data in the cloud.

The report also found that employee training was the most common “cloud security control”, with 86 per cent of UK organisations conducting periodic training and an additional 4 per cent planning to do so.

UK organisations most commonly allocate 25 per cent of their cyber security budget to cloud security.

During the pandemic, 54 per cent of IT departments had to change their IT priorities but had to do it with their existing budgets.

Only 22 per cent of firms increased their cyber security spending.

Ilia Sotnikov, vice president of product management at Netwrix, said: “Lack of resources and the complexity of multi-cloud environments make it difficult to build consistent security controls.

“Classifying all data is a start. That way, organisations can ensure they know where their sensitive data resides, apply appropriate controls in accordance with its sensitivity and establish auditing processes to detect threats promptly.”

Share Story: