NEW YORK, Sept. 3, 2024 /PRNewswire/ -- Suridata, a leader in SaaS security solutions, is proud to announce the release of its latest trend report. This report provides an in-depth analysis of the current state of SaaS security based on a survey of IT and security professionals, coupled with data from the Suridata platform.
Key Findings:
1. Shadow SaaS: Unmanaged SaaS applications remain a critical blind spot, especially in mid-market companies, where 54% of SaaS applications are unknown or unmanaged.
2. Widespread SaaS Security Risks: The report reveals that a staggering 88% of organizations have experienced a SaaS breach, despite 41% of respondents rating their SaaS security as "Good" or "Excellent."
3. Configuration Issues: Misconfigurations in identity and access control, data and sharing permissions, session management, and password security are prevalent, posing substantial risks.
4. Inefficient Monitoring: Monitoring of third-party, machine-to-machine SaaS integrations is inadequate, with many organizations relying on periodic manual reviews or "need to" basis assessments.
5. Mixed Efficacy of Countermeasures: Existing security measures, particularly those addressing third-party integration and machine-to-machine risks, are found to be deficient.
6. Variations by Organization Size: Mid-market firms (1,000-5,000 employees) face more SaaS security challenges compared to larger enterprises, including higher incidences of Shadow SaaS and unauthorized use of Generative AI tools.
7. Data Leakage Concerns: Data leakage or loss was cited as the most significant security challenge by 28% of respondents.
Executive Summary:
The report emphasizes that SaaS security requires distinct approaches compared to traditional on-premises software. SaaS environments are prone to misconfigurations, unsecure third-party connections, and identity and access management issues. The findings highlight the need for improved security practices and more robust configuration management to safeguard against these risks.
Research Insights:
- Responsibility for SaaS Security: 49% of respondents indicated that the IT department is responsible for SaaS security, followed by the InfoSec department at 36%.
- Perception vs. Reality: Despite high self-perceived ratings of SaaS security, the report shows a disconnect with actual breach experiences.
- Security Measures: IdP/SSO and MFA are the leading security measures, yet 16% of employees still operate without SSO enforcement.
- Generative AI Usage: The use of Generative AI tools without authorization is highest among mid-market companies.
Download the report here and the infographics here
About Suridata:
Suridata's SaaS runtime security solution detects and prevents breaches originating from SaaS applications, safeguarding enterprises against exploitation of existing attack paths.
The extensive use of SaaS applications, APIs, and service accounts creates a complex SaaS network with thousands of interconnections. Suridata maps this network and the associated risks, connects the dots to understand the attacker's perspective, and identifies active attack paths that can be exploited. With Suridata's solution, security teams can break these attack paths and respond to critical risks effectively.
Suridata Media Inquiries:
Contact: Levona Simha, VP Marketing
Email: Levona@suridata.ai
Phone: +972-523536638
Website: www.suridata.ai
Logo - https://mma.prnewswire.com/media/2477426/4849031/Suridata_Logo.jpg
Share this article