June 7, 2023

A survey conducted by CSA and Adaptive Shield revealed an increase in the amount of security incidents within the Software-as-a-Service (SaaS) market.

According to data, over the last two years, more than 1,000 security experts have experienced SaaS-related vulnerabilities, with 55% of them having such events. These problems include data leaks, dangerous third-party apps, data breaches, and SaaS ransomware assaults.

The underlying source of this increase in security incidents appears to be inadequate application of current security measures. As a result, rules and procedures to address issues about misconfigurations, third-party app management, secure access, identity management, threat detection, and data loss prevention are being established.

The survey also reveals the ineffectiveness of typical security processes in safeguarding SaaS settings, such as Cloud Access Security Brokers (CASBs) and manual audits. Modern SaaS systems’ complexity and specialized requirements have outgrown the capability of CASBs and human labor. Tasks like managing multiple user identities, securing various configurations, and authenticating several third-party programs need a large amount of human effort and time.

Organizations are emphasizing SaaS security in response to the shifting threat landscape. According to the findings of the survey, there has been a major shift in the responsibilities of executive-level professionals, notably Chief Information Security Officers (CISOs) and security managers. They are shifting from controllers to governors of the SaaS ecosystem, taking on security responsibilities.

The sources for this piece include an article in TheHackerNews.