September 30, 2024

Is your organization truly secure when it comes to
Software-as-a-Service (SaaS) deployments?
Many Chief Information Security
Officers (CISOs) face a troubling reality: they hold accountability for
security breaches without having direct control over SaaS implementations. This
disconnect between responsibility and control can lead to serious security
vulnerabilities.

SaaS platforms are popular because they are easy to deploy
and enhance business efficiency. However, this simplicity can also lead to
significant security oversight. Often, the decision to implement SaaS
applications is made by business units without involving the security team.
This lack of visibility into SaaS deployments creates potential risks.

A recent survey by AppOmni, which analyzed 644 organizations
using SaaS, reveals a startling trend: in 50% of organizations, securing SaaS
applications is left entirely to business owners or stakeholders. Only 15% of
organizations entrust their cybersecurity teams with full responsibility for
securing SaaS implementations. This fragmented approach to security can lead to
confusion and vulnerabilities.

One of the most concerning findings is that 34% of
organizations don’t even know how many SaaS applications are in use within
their operations. For example, 49% of Microsoft 365 users believe they have
fewer than 10 applications connected to the platform. However, AppOmni’s
telemetry suggests the actual number is closer to 1,000. This gap in awareness
presents an attractive target for cybercriminals.

SaaS platforms are particularly appealing to attackers
because they often present a one-to-many opportunity: if the provider's
systems are breached, the attacker can potentially reach data belonging to many
customers at once. The 2022 LastPass breach, in which attackers stole backups
of customer password vaults (encrypted credentials alongside unencrypted
metadata such as site URLs), is a clear example of this provider-side risk. The
2019 Capital One breach, which exposed personal information from over 100
million credit applications, illustrates the customer-side version of the same
problem: the data lived in Capital One's own cloud environment, and a
misconfigured web application firewall gave an attacker a path to the storage
buckets behind it.

However, not all attacks follow this pattern. The 2024
Snowflake-related breaches, for instance, did not involve a compromise of the
provider at all. Mandiant's research attributes them to a single threat actor
who used large numbers of credentials stolen from various sources, largely
infostealer malware on employee and contractor machines, to log in to
individual customer accounts that were not protected by MFA, and then extorted
those customers.

While SaaS providers typically have robust security
measures, customers often rely too heavily on the provider's security and
neglect their own responsibilities. Strikingly, 8% of organizations don't
conduct security audits at all because they trust their SaaS providers
completely. Yet many SaaS breaches involve no flaw in the provider: attackers
simply log in with legitimate, stolen credentials. This issue was a key topic
at Black Hat USA 2024, where AppOmni discussed how stolen credentials have
turned SaaS applications into playgrounds for attackers.

One of the underlying problems is a lack of understanding
within organizations of the SaaS principle of "shared
responsibility." The concept is straightforward: the provider secures the
underlying infrastructure and the application itself, while the customer is
responsible for its own tenant, meaning identities, access control and
configuration. Unfortunately, Mandiant's research indicates that many customers
fail to act on this responsibility, leading to breaches that could have been
prevented through better access management, such as enforcing multi-factor
authentication (MFA), restricting which networks can reach the tenant, and
rotating credentials that are known to have been exposed.
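The two failure modes described in the last few paragraphs, accounts that can be reached with a bare password and a single source fanning out across many accounts with stolen credentials, are both visible in a tenant's own sign-in telemetry, which is exactly the part of the shared-responsibility split that belongs to the customer. The following Python script is an added example, not code from the article or from AppOmni or Mandiant. It runs over a small constructed sign-in log in an assumed comma-separated format (timestamp, user, source IP, `mfa=`, `result=`); real SaaS audit logs use their own schemas, so the parser is the part a practitioner would swap out.

```python
"""Audit SaaS sign-in records for two credential-abuse signals:
1. successful logins that completed without MFA, and
2. a single source IP that successfully logged in to several distinct
   accounts (the one-actor, many-stolen-credentials pattern).

Added example: the log format and field names are assumptions, not a
real provider's schema.
"""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class SignIn:
    ts: str
    user: str
    src_ip: str
    mfa: bool
    success: bool


# Constructed sample log, not real telemetry. IPs are from documentation ranges.
SAMPLE_LOG = [
    "2024-06-01T08:02:11Z,alice@example.com,203.0.113.7,mfa=true,result=success",
    "2024-06-01T08:05:40Z,bob@example.com,203.0.113.8,mfa=false,result=success",
    "2024-06-01T09:11:02Z,carol@example.com,198.51.100.20,mfa=false,result=success",
    "2024-06-01T09:11:45Z,dave@example.com,198.51.100.20,mfa=false,result=success",
    "2024-06-01T09:12:10Z,erin@example.com,198.51.100.20,mfa=false,result=failure",
    "2024-06-01T09:12:58Z,frank@example.com,198.51.100.20,mfa=false,result=success",
    "2024-06-01T10:30:00Z,grace@example.com,203.0.113.9,mfa=true,result=success",
    "2024-06-01T10:45:13Z,svc-backup@example.com,198.51.100.20,mfa=true,result=success",
]


def parse_line(line: str) -> SignIn:
    """Parse one record of the assumed format into a SignIn."""
    ts, user, src_ip, mfa_field, result_field = line.strip().split(",")
    kv = dict(field.split("=", 1) for field in (mfa_field, result_field))
    return SignIn(
        ts=ts,
        user=user,
        src_ip=src_ip,
        mfa=kv["mfa"] == "true",
        success=kv["result"] == "success",
    )


def parse_log(lines: list[str]) -> list[SignIn]:
    return [parse_line(line) for line in lines if line.strip()]


def logins_without_mfa(events: list[SignIn]) -> list[str]:
    """Users who got a session with only a password. Failed attempts are
    ignored: they are noise here, the concern is what actually succeeded."""
    users = {e.user for e in events if e.success and not e.mfa}
    return sorted(users)


def fan_out_sources(events: list[SignIn], min_accounts: int = 3) -> dict[str, list[str]]:
    """Source IPs that successfully authenticated as at least `min_accounts`
    distinct users. A shared NAT or VPN egress can trip this too, so the
    threshold is a tuning knob rather than a verdict."""
    by_ip: defaultdict[str, set[str]] = defaultdict(set)
    for e in events:
        if e.success:
            by_ip[e.src_ip].add(e.user)
    return {ip: sorted(users) for ip, users in by_ip.items() if len(users) >= min_accounts}


def audit(lines: list[str], min_accounts: int = 3) -> dict:
    events = parse_log(lines)
    return {
        "no_mfa_success": logins_without_mfa(events),
        "fan_out": fan_out_sources(events, min_accounts=min_accounts),
    }


if __name__ == "__main__":
    report = audit(SAMPLE_LOG)
    print("Successful logins without MFA:", ", ".join(report["no_mfa_success"]))
    for ip, users in report["fan_out"].items():
        print(f"Source {ip} logged in as {len(users)} accounts: {', '.join(users)}")
```

Both findings map back to the customer's side of the shared-responsibility line: the first list is the set of accounts where an MFA policy is missing or bypassed, and the second is the pattern Mandiant described in the Snowflake cases, one source quietly working through a pile of stolen credentials. In production this would run against the provider's audit-log export or API rather than a hard-coded list, and the fan-out threshold needs tuning for known shared egress addresses.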

The challenge is determining where this responsibility
should reside within an organization. While security teams are best equipped to
manage passwords and MFA, only 15% of organizations assign them full
responsibility for SaaS security. Alarmingly, 50% of organizations leave this
critical task entirely in the hands of non-security personnel.

Brendan O’Connor, CEO of AppOmni, underscores the severity
of the situation: “Our report last year highlighted the disconnect between
security self-assessments and actual SaaS risks. Now, despite greater awareness
and effort, things are getting worse. The number of SaaS exploits has reached
31%, up five percentage points from last year. Despite increased budgets and
initiatives, organizations must do a far better job of securing SaaS
deployments.”

The key takeaway is clear: SaaS security needs to be a top
priority. Regardless of how easy SaaS platforms are to deploy or how much they
improve business operations, they should never be implemented without the
involvement and oversight of the CISO and the security team. Ensuring that SaaS
security is continuously managed and monitored is essential for protecting your
organization from potential threats.
