By Hananel Livneh, Head of Product Marketing, Adaptive Shield
Successful cyberattacks tend to hit companies with the force of an 80-foot wave. The initial damage is quickly apparent. Like ships that lose railings and experience instability, businesses are immediately faced with lost data, ransom payments, and revenue losses, depending on the nature of the attack.
It isn’t until later that the real damage can be assessed. Structural damage to the bow, aft, and bottom of the boat can render the ship unusable. Likewise, the damage to a company’s reputation can be severe.
Trust is one of the key elements in the customer relationship. When cyberattacks lead to data breaches and the publication of personal information, trust is eroded, resulting in additional fallout from the attack – the loss of customers.
These breaches can be a big deal. According to IBM’s Cost of a Data Breach Report 2022, the average company sees a $1.42M drop in business as a result of a breach. This lost business, ascribed to reputational damage, is often unrecoverable as customers move on to competitors who appear to be more careful with their data.
Most businesses understand that loss of confidence leads to eroding trust which turns into a loss of customers. What they fail to understand is that without proper security measures in place, the SaaS stack can be the target of an attack.
Breaching the SaaS App
SaaS applications are the darlings of the business world. They promise – and deliver – low-cost technology solutions that don’t require maintenance and can be used by anyone, anywhere. That’s why the SaaS market is projected to grow from $251 billion in 2022 to $883 billion by 2029.
However, there is a dark side to SaaS applications. The anytime, anywhere nature of SaaS apps coupled with collaborative tools makes them accessible to threat attackers and vulnerable to breaches.
There are a myriad of ways threat actors can access a SaaS application. Sophisticated phishing attacks on employees, keylogger malware on devices with poor hygiene, stealing session tokens from authenticated endpoints, and attempted entry via brute force attacks, to name just a few. Threat actors are constantly looking for new ways to gain access to the SaaS stack.
Malicious third-party applications can provide access to everything stored on the organization’s cloud-storage drive. Even non-malicious SaaS-to-SaaS access can be weaponized and provide threat actors with access.
Reputational Damage Impacts Every Vertical
Once SaaS applications are breached and data has been compromised, it is only a matter of time before the story hits the media because often, government mandates require disclosure. HIPAA laws require US healthcare facilities to notify prominent media outlets when breaches impact more than 500 patients. Financial Institutions are required to report certain data breaches within 36-72 hours. Proposed legislation would require publicly traded tech companies to disclose breaches within 4 business days.
The impact these disclosures have on companies is severe. Patients lose faith that their protected health information (PHI) is safe, while bank customers question their financial institution’s ability to secure their funds and tech stockholders invest their money in more reliable companies.
Customers often churn away from companies that are incapable of securing their data, leading to drops in market share and revenue. Vendors and partners tend to shy away from victimized companies, afraid to be associated with companies that are now notoriously poor with securing data and holding onto their secrets. Optus, Australia’s second largest telecom provider, saw 10% of their customers churn in the month after the attack, and surveys showed that 56% were considering changing their service provider in response to the attack.
Preventing a SaaS Disaster
Attempted SaaS breaches don’t have to end catastrophically. Most breaches are fully preventable. SaaS applications are remarkably secure, with an array of security settings fully capable of denying access to threat actors, but their security measures are only effective when deployed correctly.
Solutions like SaaS Security Posture Management (SSPM) platforms can prevent data breaches by identifying high-risk settings and alerting security teams when they need to be updated. They also review third-party connected apps, and detect threats before they become full-blown breaches. These automated platforms oversee the entire SaaS stack, rather than just a handful of top-priority SaaS apps.
While there are some activities that may limit the damage caused by a cyberattack, investing in SaaS security tools is the first step. SSPMs protect data as they detect threats, identify high-risk misconfigurations, and monitor risk from third party applications.