SANS 2022 Cloud Security Survey
Over the past several years, we have seen more and more examples of vulnerabilities in cloud assets, cloud service provider outages, sensitive data disclosure, and breaches involving the use of public cloud environments.
The 2021 Data Breach Investigations Report from Verizon, released in the second quarter of 2021, noted that compromised external cloud assets were more common than on premises assets in both incidents and breaches. Many attacks targeted credentials that were then used to access cloud-based collaboration and email services, as well. Even with these types of security issues, we continue to see rapid growth in moving workloads to the cloud, building new applications in the cloud, and subscribing to a wide range of SaaS and other cloud services.
The goal of the SANS 2022 Cloud Security Survey is to provide additional insight into how organizations are using cloud today, the threats security teams are facing in the cloud, and what we are doing to improve security posture in the cloud, as well. This year, we again had several hundred respondents, who represented a number of industries. Figure 1, seen on the next page, provides a snapshot of the demographics for the respondents to the 2022 survey.