Compromised cloud accounts cost companies an average of $6.2 million each year, according to research from Ponemon Institute on behalf of Proofpoint released Wednesday. The research is based on a survey of 662 IT and IT security professionals in the U.S.
More than two-thirds of professionals say the compromised accounts represent a "significant security risk "to their companies, while about half of the survey respondents say the incidents have become more frequent and severe over the past 12 months.
Microsoft 365 and Google Workspace accounts have been heavily targeted using either brute force or phishing attacks, according to 57% of respondents. Fifty-one percent of respondents said phishing is the most heavily used method of attack.
Cloud-based applications, which are being deployed more frequently since enterprises largely went remote in March 2020, are creating heightened security risks for corporate security professionals.
Organizations experience 138 hours of application downtime per year due to compromised cloud accounts, according to the Ponemon Institute report. IT and IT security teams spend nearly 1,200 hours per month, totaling 14,184 hours per year, dealing with an average of 64 cloud account compromises.
"In the last year, we've witnessed more sophisticated attacks as well as an increase in attack surfaces," a Microsoft spokesperson said via email.
Microsoft embraces built-in identity defenses as part of a zero trust strategy, the spokesperson said, adding that Microsoft 365 takes a multi-layered approach to security and protecting sensitive data.
Microsoft is aware weak passwords and password spraying are the entry point for the majority of attacks. It's important for users to keep up basic security hygiene and Microsoft Azure or 365 users need to turn on multifactor authentication, which they can do without any additional charge.
In many cases workers were also bringing unapproved apps into the corporate environment. Three-quarters of IT professionals said introducing applications or tools without the approval of IT teams creates additional risk, according to the Ponemon Institute study.
When unapproved apps are deployed in the corporate environment, they can open up the network to attackers in ways that IT security officials can’t anticipate. Shadow IT puts sensitive data at risk and companies should embrace a cloud-based security broker to further protect data, a December report by Gartner warned.
Google officials did not immediately return a request for comment.