When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline the detection and remediation of misconfigurations in order to protect their SaaS stack from threats. However, while companies adopt more and more apps, their investment in SaaS security tools and staff has lagged behind, as found in the 2022 SaaS Security Survey Report.
The survey report, completed by Adaptive Shield in conjunction with Cloud Security Alliance (CSA), dives into how CISOs today are managing the growing SaaS app attack surface and the steps they are taking to secure their organizations.
The report finds that at least 43% of organizations have experienced a security incident as a result of a SaaS misconfiguration; however, with another 20% being "unsure," the real number could be as high as 63%. These numbers are particularly striking when compared to the 17% of organizations experiencing security incidents due to an IaaS misconfiguration.
Bearing this in mind, the question follows: how fast are SaaS misconfigurations detected, and how long does it take to remediate the issue? In order to answer these questions, it's important to make a distinction between organizations that have implemented an SSPM solution and those that have not.
Manual Detection and Remediation
For organizations that have yet to onboard an SSPM, the IT and security teams can only manually check the apps' many configurations to secure their SaaS stack. This means security teams need not only to stay on top of remediating misconfigurations but also to conduct regular security checks in order to detect any of these misconfigurations manually. The longer either of these actions takes to complete, the longer the company is exposed to threats.
One of the major problems for organizations' security teams is the overwhelming amount of manual work. Companies today rely on dozens upon dozens of business-critical apps, each with hundreds of configurations, which must then be set for hundreds or thousands of employees.
Nearly half (46%) of the survey respondents, as seen in figure 2, check their SaaS security monthly or less frequently, and another 5% don't check at all. It seems that security teams are overwhelmed with the workload and are struggling to stay on top of all the settings and permissions. As organizations continue to adopt more and more apps, the gap in their visibility into all of those configurations widens.
Figure 2. Frequency of SaaS Security Configuration Checks
When a security check fails, security teams must then go in and understand exactly why the check failed and the best course of action to fix it. Approximately 1 in 4 organizations, as seen in figure 3, take one week or longer to resolve a misconfiguration when remediating manually. Overall, security teams trying to manage their SaaS security manually are not only overwhelmed but are also, in turn, leaving the organization exposed for a longer period of time.
Figure 3. Length of Time to Fix SaaS Misconfigurations
How SSPM Fast Tracks Remediation and Detection
Organizations using SSPM, like Adaptive Shield, are able to complete security checks more often and fix misconfigurations within a shorter time frame. An SSPM enables security teams to conduct frequent checks in compliance with both industry standards and company policy. The 2022 SaaS Security Survey Report found that the majority of these organizations (78%) run security checks once per week or more often, as seen in figure 4.
Figure 4. Comparison of Frequency of SaaS Security Configuration Checks
When a misconfiguration is detected, 73% of organizations using an SSPM resolved it within a day, and 81% resolved it within the week, as seen in figure 5. A good SSPM solution, however, will not only evaluate failed security checks caused by misconfigurations but will also assess risk and configuration weakness — and provide exact instruction on how to remediate the issue.
Figure 5. Comparison of Length of Time to Fix Misconfigurations
SSPM not only reduces the workload on security teams but also eliminates the need for them to be experts on each SaaS app and its settings. The data presented in the 2022 SaaS Security Survey Report highlights the drastic differences between companies using SSPM and those that are not, showing how valuable an SSPM, like Adaptive Shield, is to SaaS security detection and remediation.