2022 SaaS Security Survey Report
The explosion in the number and variety of SaaS apps used by enterprises has created both opportunities and challenges. Many recent breaches and data leaks have been tied back to misconfigurations in the cloud, especially in the SaaS stack.
The cybersecurity department’s mission is to ensure that their security hygiene remains intact and therefore needs an accurate and comprehensive understanding of the potential attack surface of their SaaS stack.
Our 2022 SSPM Survey Report with CSA dives into how CISOs today are managing the burgeoning SaaS app attack surface and the steps they are taking to secure it.
Among the survey’s key findings:
Up to 63% of respondents have had a SaaS misconfiguration lead to a security incident in the past year. This is especially striking as in a similar CSA survey, they found that number for IaaS misconfigurations to be 17%.
The leading causes of SaaS misconfigurations are cited as lack of visibility and too many departments with access.
Investment in business-critical SaaS applications is outpacing SaaS security tools and staff.
Manually detecting and remediating SaaS misconfigurations is leaving organizations exposed. Nearly half (46%) can only check monthly or less frequently, and another 5 percent don’t check at all.
56% report that lack of visibility into 3rd party application access is their top concern, closely followed by lack of visibility into the overall SaaS security settings.