SaaS Software | Breaking Cybersecurity News | The Hacker News

The  2022 SaaS Security Survey Report,  in collaboration with CSA, examines the state of SaaS security as seen in the eyes of CISOs and security professionals in today's enterprises. The report gathers anonymous responses from 340 CSA members to examine not only the growing risks in SaaS security but also how different organizations are currently working to secure themselves. Demographics The majority (71%) of respondents were located in the Americas, another 17% from Asia, and 13% from EMEA. Of these participants 49% influence the decision-making process while 39% run the process itself. The survey examined organizations from a variety of industries, such as telecommunications (25%), finance (22%), and government (9%).  While there are many takeaways from the survey, these are our top seven.  1: SaaS Misconfigurations are Leading to Security Incidents Since 2019, SaaS misconfigurations have become a top concern for organizations, with at least 43% of organizations reporting

Enterprises depend on SaaS applications for countless functions, like collaboration, marketing, file sharing, and more. But problematically, they often lack the resources to configure those apps to prevent cyberattacks, data exfiltration, and other risks. Catastrophic and costly data breaches result from SaaS security configuration errors. The Verizon 2020 Data Breach Investigations Report found that errors are the second largest cause of data breaches, accounting for about one in three breaches. Of those, misconfigurations are by far the most common, often resulting in the exposure of databases or file system contents directly on a cloud service. Businesses tend to be as vulnerable as the weakest security settings they have enabled for their SaaS applications. To illustrate, Adaptive Shield's team has discovered SaaS setting errors that leave companies open to one-click corporate espionage, exposing their entire cloud, along with massive amounts of video conferencing data in t

As work ebbs with the typical end-of-year slowdown, now is a good time to review user roles and privileges and remove anyone who shouldn't have access as well as trim unnecessary permissions. In addition to saving some unnecessary license fees, a clean user inventory significantly enhances the security of your SaaS applications. From reducing risk to protecting against data leakage, here is how you can start the new year with a clean user list.  How Offboarded Users  Still  Have Access to Your Apps When employees leave a company, they trigger a series of changes to backend systems in their wake. First, they are removed from the company's identity provider (IdP), which kicks off an automated workflow that deactivates their email and removes access to all internal systems. When enterprises use an SSO (single sign-on), these former employees lose access to any online properties – including SaaS applications – that require SSO for login.  However, that doesn't mean that former employee