According to a recent report from AppOmni, nearly one-third (31%) of global organizations suffered data breaches involving their Software as a Service (SaaS) applications last year. The findings, based on a survey of 644 enterprises across the US, UK, France, Germany, Japan, and Australia, highlight critical vulnerabilities in cloud security practices. This represents a five percentage-point increase from the previous year, underscoring a growing concern over the management and protection of cloud-based data.
The report points to several factors contributing to these breaches. A major issue is a lack of awareness about the actual cybersecurity posture within organizations. Despite 72% of respondents claiming their SaaS cybersecurity programs are mature, there is a disconnect between perception and reality. Furthermore, 50% of respondents reported that SaaS security responsibility lies with the business owner rather than a centralized cybersecurity team, leading to fragmented security efforts.
Visibility into SaaS environments is another significant problem. Many organizations, particularly those using Microsoft 365, underestimate the number of connected applications. While respondents believe they have fewer than 10 apps connected, AppOmni’s data shows an average of over 1,000 connections. This gap in visibility makes it difficult to effectively manage and secure SaaS environments, exacerbating the risk of breaches.
Policy enforcement also remains a challenge. Although 90% of organizations have policies to govern the use of sanctioned apps, a third (34%) admit these rules are not strictly enforced. Concerns about lost intellectual property, reputational damage, and breaches of customer data are prevalent, with only 32% of organizations feeling confident in the security of their SaaS data. To address these issues, AppOmni recommends tracking data closely, implementing robust policy controls with single sign-on (SSO) and multi-factor authentication (MFA), and continuously monitoring applications to prevent configuration drift.
Reference:
