Over 55% of security executives report that they have experienced a SaaS security incident in the last two years — from data leaks and data breaches to SaaS ransomware and malicious apps (as seen in figures 1 and 2).
|Figure 1. How many organizations have experienced SaaS security incidents in the last two years|
The SaaS Security Survey Report: Plans and Priorities for 2024, developed by CSA in conjunction with Adaptive Shield, dives into these SaaS security incidents and more. This report shares the perspectives of more than 1,000 CISOs and other security professionals and highlights SaaS risks, existing threats, and how organizations can prepare for 2024.
SaaS Security Incidents Are On The Rise
Anecdotally, it’s clear that SaaS security incidents have increased over the past year. There are more headlines and stories covering SaaS breaches and data leaks than ever before. However, this report provides stunning context to those headlines.
As seen in figure 1, 55% of organizations experienced a SaaS incident in the last 24 months. These incidents include data leaks (58%), malicious third-party applications (47%), data breaches (41%), and SaaS Ransomware (40%), as seen in figure 2.
|Figure 2. Types of security incidents experienced by organizations|
The Current SaaS Strategy Is Not Enough
One of the reasons for the rise in security incidents is that current solutions are not widely used. Of the respondents, 7% claim to have monitored 100% of their SaaS stack, while 68% report that they monitor less than half of their SaaS stack.
Current SaaS security practices, such as Cloud Access Security Brokers (CASB) and manual auditing, are not sufficient to cover a SaaS stack. Unfortunately, these solutions are unable to meet the increasing usage and demands of modern SaaS stacks. Enterprises currently have to secure hundreds of thousands of configurations and oversee thousands of user accounts while checking thousands of connected third-party applications, which is beyond the capabilities of CASB and taxes the resources of any manual effort.
|Figure 3. Percentage of SaaS applications that are fully covered and monitored by CASB or manual audits|
Widespread Application Ownership
In response to the increasing number of SaaS incidents, organizations report that they are now prioritizing SaaS security. Surveys show that more executive-level leaders are involved in securing their SaaS stacks, and CISOs and security managers appear to be moving from a controller role to a governor role in securing their SaaS stack.
There are layers of responsibility involved in securing each application because ownership of the application often resides in different business departments throughout the organization, where the security team is most responsible.
|Figure 4: The increasing number of roles involved in SaaS security makes it harder to know who is in charge|
SaaS Security Plan for 2024
The report also highlights how organizations create policies and processes to address key SaaS security issues. While many have a way to go, they are building a solid foundation in the following domains:
- SaaS configuration errors
- Third-party connected apps
- User devices accessing the SaaS application
- Identity and access governance
- Threat detection
- Data loss management
Companies Increase Investment in SaaS and SaaS Security
In addition to improving their policies and adding executive stakeholders, it’s no surprise that organizations are also increasing their SaaS spending. Over the past year, 71% of organizations have increased their investment in SaaS security tools, while 63% have hired more personnel or increased training for SaaS security.
|(Left) Figure 5. Changes in organizational investment over the past year | (Right) Figure 6. How many organizations are currently using or planning to use an SSPM platform|
One of the main investment areas is SaaS security. A year ago, in the 2022 SaaS Security Report, 17% of respondents reported having a SaaS Security Posture Management (SSPM) tool. That number has nearly tripled since then, growing to 44%, with an additional 36% intending to add SSPM to their SaaS security stack in the next 18 months. This brings the total of security executives who are already using SSPM or planning to add it to 80%.
Among the reasons for this sudden increase are the reported need to mitigate SaaS threats (31%), improve their company’s SaaS posture (29%), and save time in managing and maintaining their SaaS stack (23%).
|Figure 7. The top expected benefits of an SSPM solution|
Pictures of Challenges and Hopes
Ultimately, the SaaS Security Survey Report: 2024 Plans and Priorities Report reflects and measures the many changes that have impacted the industry over the past year. Threat actors are seduced by the seemingly low-hanging, high-value fruit of the SaaS ecosystem. SaaS cybersecurity incidents are up 12% over a year ago, and the types of attacks (breaches, data loss, and ransomware) are significant.
However, organizations face challenges maintaining their SaaS stacks. Whether they were initially attracted to SaaS applications for the cost savings, ease of access, or collaborative nature of the tool, they now recognize the need to secure their assets and the data contained within them.
It’s not surprising that they have turned to the SSPM marketplace. By helping organizations identify and secure misconfigurations, protect against disruptive third-party application scopes, manage users and devices, and detect threats from across the SaaS stack, SSPM offers hope that sensitive and business-critical data stored in the SaaS stack can be kept secure.