Software as a Service (SaaS) has become a critical element of business operations around the globe. However, their benefits often come at a price, as SaaS has led to security incidents across organizations.
The Cloud Security Alliance (CSA), a nonprofit promoting cybersecurity best practices, found that 43% of organizations have dealt with one or more security incidents caused by a SaaS misconfiguration. The CSA 2022 SaaS Security Survey Report identified cybersecurity challenges connected to Software as a Service.
According to the report, the main causes of SaaS security incidents are a lack of visibility into SaaS security setting shifts (34%) and too many departments being allowed access to SaaS security settings (35%). Forty-six percent of cybersecurity teams tasked with securing SaaS and monitoring for misconfigurations can only check for SaaS vulnerabilities on a monthly basis.
"SaaS ecosystems are becoming more difficult for security teams to configure correctly because the size, scope and complexity of enterprise SaaS ecosystems are increasing rapidly. Some of the largest SaaS platforms have essentially become a new breed of operating system for the business," said Brendan O'Connor, CEO and Co-Founder of AppOmni.
"Enterprises typically use dozens or even hundreds of SaaS platforms across their organization. Unfortunately when it comes to security, there is very little standardization across SaaS vendors, which leaves resource-constrained security teams scrambling to understand the security and configuration nuances of each SaaS platform."
For more report findings, click here.