Pretty much every company has suffered some kind of cloud data breach

Some have experienced it multiple times

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Virtually all businesses experienced at least onecloud databreach in the past 18 months, a new survey has claimed.

Conducted by IDC on behalf of cloud infrastructure security company, Ermetic, the survey discovered that 98% of the surveyed companies admitted to experiencing at least one cloud data breach in the past 18 months, compared to 79% last year.

More worryingly, a sizable majority (67%) reported experiencing upwards of three such cloud breaches.

During these breaches, 63% of the surveyed businesses admitted to exposing sensitive data. If you only consider companies with annual cloud infrastructure budgets of over $50 million, this figure surprisingly jumps to 85%.

Inadequate cloud security

The survey points to the fact that even companies with considerablecloud computinginfrastructure budgets aren’t investing enough to protect their assets on the cloud.

A majority (60%) of the surveyed security decision makers consider lack of visibility as well as inadequateidentity and access management(IAM) a major threat to their cloud infrastructure.

“Even though nearly 70% of companies invest more than 25 hours a week on cloud identity management, the survey found that 83% had at least one access-related cloud data breach,” said Shai Morag, CEO of Ermetic.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

No surprise then that the respondents cite “access risk” and “infrastructure security” among their top cloud security priorities for the next 18 months, even as 85% of the surveyed businesses said they plan to increase their security spending this year, with a significant portion directed towards cloud infrastructure security.

Ermetic is using the results of the survey to suggest that an effective cloud infrastructure security strategy should focus on identities, permissions and entitlements to truly protect against risk.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Another reason to avoid edge-lit 4K TVs: they may fail faster than others, according to this report