Today: Jun 04, 2025

Sophos survey finds 56% IaaS users experienced increase in volume of attacks on their organisation

John Shier, senior security advisor at Sophos.
John Shier, senior security advisor at Sophos.

Sophos, a global leader in innovating and delivering cybersecurity as a service, published findings of a new survey, “The Reality of SMB Cloud Security in 2022.” The survey found that, among Infrastructure as a Service users, 56% experienced an increase in the volume of attacks on their organization when compared to the previous year, and 67% were hit by ransomware. In addition, 59% experienced an increase in complexity of attacks.

For many of these users, a lack of visibility into their infrastructure, unpatched vulnerabilities and resource misconfigurations make them susceptible to various types of attacks, including ransomware. Of those surveyed, only 37% track and detect resource misconfigurations and only 43% routinely scan IaaS resources for software vulnerabilities. What’s more, 65% of cloud users reported not having visibility of all resources and their configurations, and only 33% said their organization has the resources to continuously detect, investigate and remove threats in their IaaS infrastructure.

“It is imperative that security is prioritized as organizations continue to adopt cloud services. This includes implementing traditional threat-based protections, as well as risk-based mitigations. Unpatched vulnerabilities and misconfigured resources are both preventable mistakes and avoidable risks that make life easier for attackers. Most attackers are not unstoppable criminal masterminds, but rather opportunistic cyberthugs looking for an easy payday,” said John Shier, senior security advisor, Sophos. “However, the survey also found that more advanced IaaS users are twice as likely to report a decrease in attack impact than beginners, suggesting the appropriate defense mechanisms can go a long way in deterring threat actors. For users who need help, we recommend security services that have the 24/7 experts who can detect and quickly respond to active attacks.”

Don't Miss

Gerard Allison, Senior Vice President EMEA Sales at Sophos

Sophos Announces Intent to Expand Middle East Operations with New Data Center in the UAE

Sophos, a global leader of innovative security solutions for defeating cyberattacks, today
Chris Bell, Senior Vice President of Global Channel, Alliances and Corporate Development, Sophos

Sophos Launches MSP Elevate Program to Drive Growth and Profitability

Sophos, a global leader of innovative security solutions for defeating cyberattacks, today

Welcome to

By signing or creating an account you agree with our Code of conduct & Privacy policy