Centrify Research Reveals 90% of Cyberattacks on Cloud Environments Involve Compromised Privileged Credentials
Prevalence of breach attempts can be attributed to reliance on cloud as work-from-home era continues
March 17, 2021― An overwhelming percentage (90%) of cyberattacks on cloud environments in the last 12 months involved compromised privileged credentials, according to new research from , a leading provider of modern privileged access management (PAM) solutions. The new study, which surveyed 150 IT decision makers across the U.S., found that 65% of respondents saw attempted attacks on their cloud environments, and 80% of those participants’ cloud environments were successfully compromised.
To identify how reliance on the cloud and resulting risks around this attack surface have progressed a year into the work-from-home era, Centrify to survey these experts. It quickly became evident that the reliability, availability, and scalability afforded by the cloud have become critical to keep organisations up and running, and cybercriminals are taking notice.
While the majority (63%) of respondents had the foresight to make the move to cloud 3-5 years ago, one-quarter (25%) of respondents just began their cloud transition in the last two years. Nearly a third (31%) utilize hybrid and multi-cloud environments, while 45% take a private cloud-only approach, and 23% rely on public cloud. Availability was resoundingly the top cloud benefit amongst respondents (46%), followed by collaboration (28%), cost savings (15%), and scalability (9%).
Despite the prevalence of cyberattacks targeting the cloud, managing multi-cloud environments was identified as the greatest cloud transition challenge (36%), followed by cybersecurity risks and cloud migration (both 22%). In addition, 19% cited maintaining compliance in the cloud as an ongoing issue.
“Cybercriminals are capitalising on our reliance on the cloud, and they’re no longer just hacking in. They’re logging in,” said Art Gilliland, CEO, Centrify. “With almost all of the attacks on the cloud caused by stolen privileged credentials, the security stack must include a centralised PAM solution architected in the cloud, for the cloud. This approach will minimise the attack surface and control privileged access to hybrid environments, even as it evolves post-COVID-19.”
Complete results of the survey are available at . To join Centrify, the Identity Defined Security Alliance (IDSA), National Cyber Security Alliance (NCSA), and dozens of other organisations in celebrating the inaugural Identity Management Day on April 13, 2021, visit: .
For more information about Centrify solutions for managing privileged access to cloud workloads, visit .
*The survey of 150 IT decision makers across the U.S. was conducted by CensusWide in March 2021.
