Security News > 2023 > June > Current SaaS security strategies don’t go far enough
"The attack surface in the SaaS ecosystem is widening, and just as you would secure a cloud infrastructure with Cloud Security Posture Management, organizations should secure their SaaS data and prioritize SaaS security," asserts Maor Bin, CEO of Adaptive Shield.
"In last year's survey, 17% of respondents said they were using SSPM. This year that figure has soared, with 80% currently using or planning to use an SSPM by the end of 2024. This dramatic growth is fueled by the fact that 55% of organizations stated they recently experienced a SaaS security incident, which resulted in ransomware, malware, data breaches, and more. Threat prevention and detection in SaaS is critical to a robust cybersecurity strategy spanning SaaS Misconfigurations, Identity and Access Governance, SaaS-to-SaaS Access, Device-to-SaaS Risk Management, and Identity Threat Detection & Response," Bin continued.
Current SaaS security strategies and methodologies don't go far enough: 58% of organizations estimate their current SaaS security solutions only cover 50% or less of their SaaS applications.
Investment in SaaS and SaaS security resources are drastically increasing: 66% of organizations have increased their investment in SaaS apps, with 71% increasing their investment in security tools to protect these business-critical apps.
How organizations are prioritizing policies and processes for their entire SaaS security ecosystem: Organizations are expanding their SaaS security to address a broad range of concerns in the SaaS ecosystem, including SaaS-to-SaaS Access, Device-to-SaaS Risk Management, Identity, and Access Governance, and ITDR, etc.
Companies recognize the importance of human capital in safeguarding the SaaS ecosystem, but more is needed: While 68% of organizations are ramping up investments in hiring and training staff on SaaS security, only 51% have established communication and collaboration between security and app owner teams, and an abysmal 33% currently monitoring less than half of their SaaS stack.
News URL
https://www.helpnetsecurity.com/2023/06/07/saas-apps-security/