Google has some recommendations for keeping your business safe

Google Cloud report outlines common threats, but also offers ideas how to mitigate them

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A new report has highlighted some of the biggest cybersecurity mistakes coming from businesses, but also offered some advice on how to deal with these threats.

Research fromMandiant for Google Cloudoutlined how, during the first three months of 2023, having a weak password or even not having one accounted for more than half (54.8%) of all cloud compromise factors, followed by misconfiguration in second place accounting for 19% and API exposure at 11.9%.

Being that compromised credentials are of greatest concern (a further 7.1% of factors were made up of leakedpasswords),GoogleCloud shifts the emphasis onto the company to implement stronger identity management guardrails at org level.

Businesses continue to make cybersecurity mistakes

The company also made a note of malicious Android apps that are also targeting employees’ credentials. Without protective measures in place, those issued with business phones may download apps of their own accord.

These are the best cloud hosting providers>How to achieve ROI on your cybersecurity during a recession>Cybersecurity is the most common IT expense - but are firms spending enough?

Google pointed out a common tactic observed whereby threat actors create a seemingly legitimate app in order to gainPlay Storeapproval before updating it to carry a malicious payload.

Companies can take simple action to prevent this by creating application allowlists across their fleet of smartphones and tablets.

While smaller in number, domain and IP compromises were also prevalent in the first quarter of 2023, with remedies including adequateendpoint protectionand regular scanning and examination.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Finally, a distinct threat to the telecommunications industry was recorded with breaches affecting T-Mobile, AT&T, and Dish all in the US alone during the first half of 2023. Other cyber, DDoS, and ransomware attacks were also observed, which Google Cloud puts down to threats both from nation-states and other cybercriminals.

As businesses continue their transition to cloud, it’s clear than an enhanced focus on cybersecurity is needed in an era of increased attacks in order to secure sensitive information.

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

7 myths about email security everyone should stop believing

Quordle today – hints and answers for Friday, November 8 (game #1019)