Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3

Press Releases

May 10, 2019 |

Nine-in-Ten Data Breaches in the Cloud Caused by Social Engineering, Finds Kaspersky Lab

SMB and enterprise IT leaders worry about data security practices at third-party cloud providers, but social engineering tactics are a bigger threat

Many companies expect cloud providers to be responsible for the safety of data stored on their platforms, but according to a new†Kaspersky Lab†report, cybersecurity incidents in the cloud are most often caused by a cloud customer’s employees, rather than by the provider themselves. The†research†found that for companies who have experienced a data breach affecting their public cloud infrastructure, social engineering was part of the attack for 88% of SMBs and 91% of enterprises.

Cloud adoption allows organizations to benefit from more agile business processes, reduced capital expenditure, and faster IT provision. More than a third (37%) of SMBs and half (50%) of enterprises are currently using public cloud services, with many planning to increase their usage. However, when making the shift to the cloud, many organizations worry about infrastructure continuity and the security of their data.

The consequences of an IT security incident can make the benefits of cloud redundant, and instead evoke painful costs and reputational damage. Knowing this, at least a third of those surveyed in both SMB and enterprise companies (35% at SMBs and 39% at enterprises) are concerned about incidents affecting IT infrastructure hosted by a third party.

However, while organizations are primarily worried about the integrity of external cloud platforms, they are far more likely to be affected by weaknesses closer to home, such as phishing and other social engineering tactics. A successful breach carried out using social engineering will cost an SMB $206,000 on average, rising to over $2 million for an enterprise.

Kaspersky Lab’s research found that there is still room for improvement to ensure adequate cybersecurity measures are in place when working with third-party providers. For example, only 39% of SMBs and 47% of enterprises have implemented tailored protection for the cloud. This may be due to businesses relying on the cloud infrastructure provider for cybersecurity, rather than taking matters into their own hands. Alternatively, businesses may have false confidence that standard endpoint protection offers adequate security for cloud environments.

“The first step for any business when migrating to the public cloud is to understand who is responsible for their business data and the workloads held in it,” said Maxim Frolov, vice president of global sales at Kaspersky Lab. “Cloud providers normally have dedicated cybersecurity measures in place to protect their platforms and customers, but when a threat is on the customer’s side, it is no longer the provider’s responsibility. Our research shows that companies should be more attentive to the cybersecurity hygiene of their employees and take measures that will protect their cloud environment from the inside.”

Kaspersky Lab advises businesses to take the following measures, to ensure their data remains secure in the cloud:

  • Teach employees to understand and recognize that they can become victims of cyberthreats. Train them to avoid clicking on links or open attachments in communications from unknown users. Dedicated awareness training, such as gamified†Kaspersky Security Awareness, can help with this.
  • To minimize the risk of unapproved use of cloud platforms, educate staff about the negative effect of shadow IT and establish procedures for purchasing and consuming cloud infrastructure for each department.
  • Use an endpoint security solution to prevent social engineering attacks. It should include protection for mail servers, mail clients and browsers.
  • Implement protection for your cloud infrastructure as soon as possible after migration. Choose a dedicated cloud cybersecurity solution with a unified management console to manage security across all cloud platforms, and support automatic detection of cloud hosts, as well as auto-scale the roll out of protection to each one.
  • Kaspersky Hybrid Cloud Security†offers businesses multi-layered protection for multi-cloud environments, unified cybersecurity, and seamless orchestration. The solution detects common and complex threats and protects the entire cloud infrastructure — from on-premise virtualized environments to public cloud platforms — such as AWS and Microsoft Azure.

The full report, ‘Understanding security of the cloud: From adoption benefits to threats and concerns’, is available†here.

Editor’s Choice

Broadcom-VMware Shakeout: How the Channel Has Been Affected By the Big Industry Acquisition

April 11, 2024 |

Industry experts weigh in on the “messy breakup” that MSPs were left with after Broadcom’s acquisition of VMWare.

Selling Cybersecurity: How MSPs Can Become Crucial Partners in Managing Risk

March 27, 2024 | David Powell

MSPs should try to bring an end customer into the cybersecurity fold. Here are some ways to help drive that.

3 Questions with Ingram Micro’s Sanjib Sahoo on Integrating AI into Managed Services

March 25, 2024 |

Ingram Micro’s EVP and chief digital officer shares some insights on how MSPs can effectively integrate artificial intelligence into their business operations.

Related News

Growing the MSP

Explore ChannelPro


Reach Our Audience