Next DLP (“Next”), a leader in insider risk and data protection, today revealed that nearly three quarters (73%) of security professionals admit to using SaaS applications that had not been provid...
Research reveals one in ten security professionals admit to having suffered a data breach as a result of Shadow SaaS, but still regularly use unauthorized tools
BOSTON & LONDON: Next DLP (“Next”), a leader in insider risk and data protection, today revealed that nearly three quarters (73%) of security professionals admit to using SaaS applications that had not been provided by their company’s IT team in the past year. This is despite the fact that they are acutely aware of the risks, with respondents naming data loss (65%), lack of visibility and control (62%) and data breaches (52%) as the top risks of using unauthorized tools. Adding to this, one in ten admitted they were certain their organization had suffered a data breach or data loss as a result.
A survey of more than 250 global security professionals, conducted at RSA Conference 2024 and Infosecurity Europe 2024, also revealed that despite having a laissez-faire attitude towards Shadow SaaS, security professionals have taken a more cautious approach to GenAI usage. Half of the respondents highlighted that AI use had been restricted to certain job functions and roles in their organization, while 16% had banned the technology completely. Adding to this, 46% of organizations have implemented tools and policies to control employees’ use of GenAI.
“Security professionals are clearly concerned about the security implications of GenAI and are taking a cautious approach,” explains Next DLP’s Chief Security Officer, Chris Denbigh-White. “However, the data protection risks associated with unsanctioned technology are not new. Awareness alone is insufficient without the necessary processes and tools. Organizations need full visibility into the tools employees use and how they use them. Only by understanding data usage can they implement effective policies and educate employees on the associated risks.”
The research also provided a snapshot of how security professionals view their organization’s training and overall understanding of the risks of Shadow SaaS:
“Clearly, there is a disparity between employee confidence in using these unauthorized tools and the organization’s ability to defend against the risks,” adds Denbigh-White. “Security teams should evaluate the extent of Shadow SaaS and AI usage, identify frequently used tools, and provide approved alternatives. This will limit potential risks and ensure confidence is deserved, not misplaced.”
For further insights into the survey results, please see the full results report linked here. Or, for more information about Shadow SaaS and AI, and the possible defences, visit the Next DLP website.
Methodology
The survey of more than 250 global security professionals was conducted at RSA Conference 2024 and Infosecurity Europe 2024. Each respondent was asked the same ten questions surrounding Shadow SaaS and Shadow AI usage within their organisation, the implied security risks, and the policies and security tools their company has in place.
About Next DLP
Next DLP ("Next") is a leading insider risk and data protection solution provider. The Reveal Platform by Next uncovers risk, stops data loss, educates employees, and fulfils security, compliance, and regulatory needs. The company's leadership brings decades of cyber and technology experience from Fortra (f.k.a. HelpSystems), Digital Guardian, Crowdstrike, Forcepoint, Mimecast, IBM, Cisco, and Veracode. Next is trusted by organisations big and small, from the Fortune 100 to fast-growing healthcare and technology companies. For more information, visit www.nextdlp.com.
Fonte: Business Wire
Successfully completing a Proof of Concept implementation in Athens, the two Italian companies prove that QKD can be easily implemented also in pre-existing…
Eni's VC company invest in the Italian drone company to develop new solutions for industrial plants monitoring
Oracle recognizes Technology Reply’s ability to develop and deliver pioneering solutions through partnering with Oracle
Scheduled for October, the world's largest startup event will bring together more than 2,000 exhibitors in Dubai, UAE
Jenzabar, Inc., a leading technology innovator in higher education, today announced that Jenzabar One was named a Leader in the IDC MarketScape: North…
2024 AUDIT & BEYOND CONFERENCE — AuditBoard, the leading cloud-based platform transforming audit, risk, compliance, and ESG management, wrapped up…
TechCrunch Disrupt 2024 will feature cutting-edge technology from 24 tech startups from South Korea. The Korea Pavilion is presented by Korea Trade-Investment…
In response to the growing demand for AI skills in the workforce, University of Phoenix is excited to announce the launch of new career-focused skill…