Odaseva has released the findings of a global survey that shows that organizations are largely unprepared for ransomware attacks on their data stored in SaaS platforms. Attacks on SaaS data are an increasingly common cyber security target, and they succeed in encrypting SaaS data half the time, leaving only half of the victims able to fully recover.
The survey queried senior data professionals at large enterprises of 10,000 employees or more.
Key findings include:
- Half (48 percent) of organizations have experienced a ransomware attack over the past 12 months, and SaaS data was the target of more than half of them (51 percent).
- Data in public infrastructure clouds like Amazon Web Services, Microsoft Azure and Google Cloud was the top target, while endpoints, such as laptops and mobile devices, (61 percent) and on-premises data (56 percent) came in at second and third, respectively.
- Ransomware attacks on SaaS data were the most likely to be successful with 52 percent of them penetrating enterprise defenses / defences to encrypt the data.
- Attacks targeting data in public infrastructure clouds, on the other hand, were only successful 42 percent of the time.
- On-premises and endpoint data attacks were successful 46 percent and 51 percent of the time, respectively.
- Only half (50 percent) of organizations whose SaaS data was successfully attacked were able to fully recover their data, the lowest rate of all environments, highlighting the urgent need for enterprises to implement an effective SaaS data protection solution.
- More than eight in 10 (81 percent) organizations were able to recover all their data from a successful attack on on-premises data, while just over half were able to fully recover endpoint (55 percent) and public cloud (53 percent) data.
- While all companies reported they had some form of SaaS backup, only 43 percent said they backed up all of their SaaS data, which leaves 57 percent of companies at least partially unprotected. Similarly, 59 percent of enterprises don’t protect all of their data in public infrastructure clouds.
- Managers and executives at only 28 percent of organizations are ‘very’ confident about their ability to recover after a cloud or SaaS ransomware attack, with 69 percent saying they are ‘somewhat’ confident.
- When asked why they are concerned about their ability to recover, organizations are most concerned that their recovery process for SaaS data is so complex, they could not get up and running quickly following a successful attack (69 percent). They are also concerned that a single user becoming infected could sync the malware into the entire system (56 percent).
- Regarding vectors of attack on SaaS data, their top concerns are stolen user credentials (67 percent) and malicious or vulnerable third party apps (58 percent).
The survey was commissioned by Odaseva and fielded by Dimensional Research in August 2022. Independent sources of data stakeholders were invited to participate, resulting in responses from 157 executives or team managers with decision making responsibility for public cloud and SaaS environments from North America, EMEA and APAC completed the survey. All had decision making responsibility for data solutions for both IaaS and SaaS cloud environments. All worked for a company with more than 10,000 employees.
Download the full report ‘The State of SaaS Ransomware Attack Preparedness’.