Alert Logic State of Cloud Security Report Finds Half of All Enterprises Threatened by Web Application Attacks

Research conducted by leading provider of Security-as-a-Service shows on-premise IT more likely to be attacked than cloud-based infrastructures

HOUSTON, TX – September 18, 2012 – Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, today released findings of the company’s semiannual State of Cloud Security Report. The research is based on operational data from over 1,600 business customers with IT infrastructure in both on-premise and service provider and cloud environments, analyzed by the company’s security research team to compare the occurrence, frequency and diversity of more than 70,000 security incidents across seven categories of security threats.

Overall, the report found that on-premise IT infrastructure is more likely to be attacked, more often, and through a broader spectrum of attack vectors than cloud-based infrastructures, countering security concerns about the cloud. Of notable concern is the continuing prevalence of web application attacks affecting customers in both cohorts.

“Web application-level attacks are still in the majority in many different environments,” said Wendy Nather, research director of enterprise security at 451 Research. “For this reason, it matters less whether an application is on-premise or in the cloud; the more important issue is whether its protection is being properly managed. Enterprises should take both available security expertise and resources into account when deciding where to host their systems.”

Key findings from the State of Cloud Security Report – Fall 2012:

  • Roughly half of all enterprises are victims of web application attacks: Web application attacks were experienced by 53% of service provider environments and 44% of on-premise environments. Even more concerning is that about two-thirds of these attacks were made by freely-available downloadable tools.
  • Variations in threat activity among industries are less important than the environment where infrastructure is located: It is not safe to assume that any particular industry is not targeted by attackers, or that an organization is too small to be targeted. Analysis suggests that many attacks are simply opportunistic in nature.
  • The cloud is no less safe than the on-premise environment: For every incidence class, the number of incidents per impacted customer was higher in the on-premise environment. The average number of web application attacks is 61.4 among on-premise customers and 27.8 on service provider customers. Brute force attacks and reconnaissance attacks were also experienced with higher frequency in on-premise environments.
  • Unsecured personal computers in the U. S. lead to high attack rates: The U.S. was the country of origin for 33 percent of the incidents analyzed in this study, including 35.4 web application attacks per impacted customer.
  • Global indicators reveal that attacks originating in the East lead to breaches in the West: The research noted an especially high frequency of incidents per customer impacted for reconnaissance attempts originating in China. This suggests a scenario in which hackers in China are doing reconnaissance, identifying vulnerable workstations in the bandwidth-rich U.S., adding those machines to botnets and using them to launch attacks on nearby targets. [Infographic available.]

“Unfortunately, the cloud security myth is a stereotype that has prevented the industry from focusing on the real issues impacting enterprise security,” said Stephen Coty, research director at Alert Logic. “Rather than falling victim to perception-based beliefs, businesses should leverage factual data to evaluate their vulnerabilities and better plan their security posture.”

To view a free downloadable copy of the State of Cloud Security Report – Fall 2012, please visit www.alertlogic.com/csr.

Additional Resources Available: Blog @alertlogic on Twitter LinkedIn

About Alert Logic Alert Logic, the leader in security and compliance solutions for the cloud, provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Fully managed by a team of experts, the Alert Logic Security-as-a-Service solution provides network, system and web application protection immediately, wherever your IT infrastructure resides. Alert Logic partners with the leading cloud platforms and hosting providers to protect over 3,300 organizations worldwide. Built for cloud scale, the Alert Logic patented platform stores petabytes of data, analyses over 400 million events and identifies over 50,000 security incidents each month, which are managed by its 24×7 Security Operations Center. Alert Logic, founded in 2002, is headquartered in Houston, Texas, with offices in Seattle, Dallas, Cardiff, Belfast and London. For more information, please visit www.alertlogic.com.