In our first post, we talked about how companies will utilize secure data sharing to get more value out of data. Next year, we’re all confident that data will become even more critical to business and will continue consolidating in the Cloud. But this consolidated data pool will have the unfortunate side effect of drawing criminal attention. Data that used to exist in specific, disparate software or databases such as Workday, Salesforce or SAP is being uploaded into a consolidated cloud database, accessible from all over the world, with a single username and log in supplying entry. As this trend continues, these cloud data platforms will become an even more attractive target for “hackers.”
But can it even be called “hacking” when companies leave the door open? Many of the most well-known data breaches of the last few years were the result of misconfigured cloud database or application security. A June 2021 IDC survey of CISOs and security decision makers showed that almost 100% of companies had experienced a cloud data breach in the past 18 months.
While data warehousing has been growing for the last ten to twenty years, at the beginning, only a small group of individuals had access to the data. As the realization of the possibilities this information provides has spread across the business, there has been an increased push to democratize access. Companies have started handing out access to data like Oprah handed out car keys – “You get credentials, and you get credentials, and you get credentials!” This, along with the growth in data sharing, increases the credentialed access threat potentially by an order of magnitude. And that unfortunately means, for the sixth year in a row, we will likely see “credentialed access” as one of the top drivers for data breaches in the 2022 Verizon Data Breach Investigation Report and the IBM Cost of a Data Breach Report.
Watch our blog for more predictions to come around new risks to data, the crucial role of data in the business, and the regulatory environment ahead…