It’s without a doubt that the SaaS app attack surface has been continuing to grow as businesses have become more reliant on apps to organize and run their business-critical operations. To better understand how teams are dealing with their SaaS security posture, Adaptive Shield partnered with the leading organization dedicated to promoting best practices for ensuring cyber security, Cloud Security Alliance (CSA), to develop the 2022 SaaS Security Survey Report.
The goals of the study was to understand the current state SaaS security through investigating the following key areas of interest:
- use of SaaS applications with organizations
- method, policies, and tools for assessing SaaS app security
- timeline for detecting and remediating misconfigurations in SaaS app security
- awareness of new SaaS security related products
The 2022 SaaS Security Survey Report offers insight into the industry knowledge, attitudes, and options regarding SaaS security and related misconfigurations.
Maor Bin, CEO and co-founder of Adaptive Shield says:
“This survey shines a light on what CISOs and cybersecurity managers are looking for and need when it comes to securing their SaaS stack — from visibility, continuous monitoring and remediation to other ever-growing, critical use cases such as 3rd party application control and device posture monitoring. The SSPM market is maturing rapidly — and this type of zero-trust approach for SaaS is where the SSPM market is going. ”
CSA gathered responses anonymously from 340 CSA members from IT and security professionals from various organization sizes, industries, locations, and roles. (Sponsored by CSA Corporate Members, the study’s content development and editing rights remained absent of added influence.)
Among the survey’s key findings:
- Up to 63% report that a SaaS misconfiguration led to a security incident in the past year.
- The leading causes of SaaS misconfigurations are cited as lack of visibility and too many departments with access.
- Investment in business-critical SaaS applications is outpacing SaaS security tools and staff.
- Manually detecting and remediating SaaS misconfigurations is leaving organizations exposed.
- 3rd party app access is a TOP concern
The survey concludes by suggesting key methods of improving SaaS security to help organizations implement the preventive measures that could secure them from the next breach.
If you want to see all the details, like more of organizations top SaaS security concerns, their policy when dealing with unsanctioned SaaS applications, and different methods for monitoring SaaS security configurations, download the full survey.