I recently caught wind of a survey of 3000 cybersecurity professionals commissioned by ServiceNow and Ponemon. One of the first statistics that jumped out at me?
"57% of data breach victims said they were breached due to an unpatched known vulnerability."
And this massive number of breaches due to lack of vulnerability patching comes despite respondent companies spending "321 hours per week - or approximately 8 full time employees" on the vulnerability response process.
So, an average of 8 people chasing a manual process and they're always behind, resulting in the majority of data breaches coming as the result of KNOWN vulnerabilities for which THERE IS A FIX?
What's the average enterprise to do?
Move to the cloud!
With cloud apps, you're not only outsourcing the application itself, you're outsourcing many of the mundane, manual tasks, like patching, that your organization never quite keeps up with. Microsoft spends more than $1 billion per year on security. Do you think you'd get patching under control if you had that kind of coin dedicated to security? Of course you would.
The fact remains that the major cloud vendors are doing a pretty good job of protecting their apps and their infrastructure against widespread, service-impacting security events (such as unpatched vulnerabilities being exploited).
The enterprise cloud security and compliance challenge is not to take an inherently insecure app and make it secure. Rather, it's to secure the usage of those cloud applications. That's where Cloud Access Security Brokers come into play. I know of a great one you should try out.