Although most businesses have encountered security breaches or incidents over the past year, the vast majority of organizations still express confidence in their SaaS security status.
This is based on the latest research released by AppOmni, which points out that SaaS is one of the most attacked targets in the enterprise's attack surface.
The study includes a survey of more than 800 leaders and policy makers in the security field, which the report warns is one of the most defensive areas in modern enterprises.
The risks faced by enterprises in this regard are increasing, and the SaaS market is also expanding. The number of applications that enterprises now use is dozens or even hundreds.
For example, the survey found that more than half of enterprises are using at least 50 SaaS solutions, while more than one-third have 100 or more SaaS applications.
It is worth noting that up to 75% of enterprises have experienced SaaS data breaches or security incidents in the past 12 months. However, the study also found that 89% of the companies believed that they had sufficient visibility into their SaaS environment.
AppOmni CEO Brendan O'Connor said the study revealed a growing disconnect between the threats facing companies and their ability to respond.
“The data shows a worrying 'control hallucination' that the vast majority of security leaders are confident about their SaaS security situation, although many of them are facing SaaS-related security incidents,” O'Connor said.
“SaaS risks today are not theoretical threats – they are real and are affecting the operations of enterprises.”
Important issues of SaaS security
According to AppOmni's survey, data security remains one of the most concerned issues for enterprises. 57% of respondents listed data breaches and intellectual property losses as their biggest concerns.
Meanwhile, slightly more than one-third (37%) of respondents expressed serious concerns about the leak of customer data.
Additionally, AppOmni warns that AI is changing the way security teams work, especially in governance. For example, nearly two-thirds (61%) of respondents said they expect AI to dominate the discussion on SaaS security in the coming year.
Respondents also pointed out that the regulatory demand for non-human identity and generative AI tool access in SaaS applications is rising.
In terms of tool support, the gap is still obvious. Although nearly one-third of respondents said they needed a dedicated SaaS security situation management (SSPM) solution, only 13% of enterprises currently use such tools.
Safety practice and risk management status
A key issue mentioned in AppOmni's research is the ongoing lack of basic security practices. For example, nearly half (41%) of security incidents are due to permission issues, while 29% are due to configuration errors.
AppOmni notes that this shows that there is still a lot of work to be done in improving overall safety awareness and best practices.
In addition, the research also pointed out that the risk management practices of enterprises still need to be improved. Only slightly more than half (52%) of businesses evaluate SaaS-related security risks only through regular reviews.
The company notes that this practice leads to critical vulnerabilities and threats that may be permanent and undetected. Currently only 43% of enterprises have achieved continuous or near real-time monitoring.
Problems of excessive trust in suppliers
The most worrying point in the survey is the complacency and overconfidence of enterprises in terms of SaaS security.
A little over half (53%) of respondents said they were relieved about the security situation in this area, but many of them were based on trust in SaaS vendors rather than their own verification.
Only 16% of respondents handed over SaaS security responsibility entirely to the security team, while 43% of companies handed over the responsibility to different business units.
"The key lesson that businesses need to understand is that visibility does not equal security, and trust in SaaS vendors cannot be considered a security policy," said O'Connor.
“We need to move from temporary, passive processes to mature, standardized approaches based on continuous monitoring and clear responsibilities.”
Be sure to follow php.cn's Google News for our latest news, analysis and comments.
The above is the detailed content of SaaS security is now a major blind spot for enterprises. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
New study claims AI 'understands' emotion better than us — especially in emotionally charged situations
Jul 03, 2025 pm 05:48 PM
In what seems like yet another setback for a domain where we believed humans would always surpass machines, researchers now propose that AI comprehends emotions better than we do.Researchers have discovered that artificial intelligence demonstrates a
Would outsourcing everything to AI cost us our ability to think for ourselves?
Jul 03, 2025 pm 05:47 PM
Artificial intelligence (AI) began as a quest to simulate the human brain.Is it now in the process of transforming the human brain's role in daily life?The Industrial Revolution reduced reliance on manual labor. As someone who researches the applicat
Your devices feed AI assistants and harvest personal data even if they’re asleep. Here's how to know what you're sharing.
Jul 05, 2025 am 01:12 AM
Like it or not, artificial intelligence has become part of daily life. Many devices — including electric razors and toothbrushes — have become AI-powered," using machine learning algorithms to track how a person uses the device, how the devi
Hurricanes and sandstorms can be forecast 5,000 times faster thanks to new Microsoft AI model
Jul 05, 2025 am 12:44 AM
A new artificial intelligence (AI) model has demonstrated the ability to predict major weather events more quickly and with greater precision than several of the most widely used global forecasting systems.This model, named Aurora, has been trained u
Advanced AI models generate up to 50 times more CO₂ emissions than more common LLMs when answering the same questions
Jul 06, 2025 am 12:37 AM
The more precisely we attempt to make AI models function, the greater their carbon emissions become — with certain prompts generating up to 50 times more carbon dioxide than others, according to a recent study.Reasoning models like Anthropic's Claude
Threaten an AI chatbot and it will lie, cheat and 'let you die' in an effort to stop you, study warns
Jul 04, 2025 am 12:40 AM
Artificial intelligence (AI) models can threaten and blackmail humans when there’s a conflict between the model's objectives and user decisions, according to a new study.Published on 20 June, the research conducted by the AI firm Anthropic gave its l
AI 'hallucinates' constantly, but there's a solution
Jul 07, 2025 am 01:26 AM
The major concern with big tech experimenting with artificial intelligence (AI) isn't that it might dominate humanity. The real issue lies in the persistent inaccuracies of large language models (LLMs) such as Open AI's ChatGPT, Google's Gemini, and
Why is AI halllucinating more frequently, and how can we stop it?
Jul 08, 2025 am 01:44 AM
The more advanced artificial intelligence (AI) becomes, the more it tends to "hallucinate" and provide false or inaccurate information.According to research by OpenAI, its most recent and powerful reasoning models—o3 and o4-mini—exhibited h
