Most businesses using Microsoft’s Office 365 cloud productivity suite have faced multiple attempts to take over legitimate user accounts, highlighting the need to track and secure identities as they move from on-premise solutions to the cloud.
This is according to a report from cybersecurity firm Vectra, which claims that 71 percent of Office 365 deployments suffered as many as seven attempts at account takeover last year. Organizations also struggled to identify or intercept these attacks, with counter-measures taking days or even weeks to deploy.
The affected companies are mostly worried about losing access to their accounts, compromising the data they keep in the cloud and hackers using living-of-the-land attacks to hide their activities.
Despite these disheartening figures, confidence is high among security teams, many of which believe security protections in place are sufficient. Almost four in five claim to have either “good” or “very good” visibility into attacks that bypass perimeter defenses, such as firewalls. Management-level respondents, meanwhile, exhibit an even greater confidence in their solutions.
“Senior managers invest a fortune in technology and think they’ve ticked the security box. While the investment is certainly welcome and helps us reduce risk, in reality it isn’t that simple,” said Kevin Orritt, ICT Security Manager at Greater Manchester Mental Health NHS Foundation Trust.
“We still need the people to be able to interpret and action the alerts and make sure that we’re actually measuring the right things. Attack vectors are constantly changing and security teams need to be sure they’re able to adapt to prevent, defend and mitigate an increasing array of attack vectors with security teams that are being stretched to the limits.”
Vectra polled 1112 IT security decision-makers for the report.