The recent Annual SaaS Security Survey Report: 2025 CISO Plans and Priorities revealed that 70% of organizations are focusing on investing in SaaS security, even amidst economic uncertainty and downsizing. The report, released by the Cloud Security Alliance (CSA), highlights the significant efforts being made by organizations to secure their SaaS applications.
One of the key findings of the survey is the establishment of dedicated SaaS security teams within organizations. For the first time, the survey identified the existence of SaaS-specific security roles, with 57% of respondents having a SaaS security team consisting of at least two dedicated full-time employees. Additionally, 13% of organizations have allocated a single dedicated full-time employee to SaaS security.
Moreover, organizations have managed to enhance their key SaaS security capabilities, with 70% reporting moderate to full visibility into their SaaS applications. This increased visibility into the SaaS stack has helped companies in preventing breaches and detecting threats more effectively than before. However, despite these advancements, organizations still face challenges in managing misconfigurations, connected apps, and security risks. The use of tools like CASB and manual audits has led to difficulties in achieving visibility into business-critical apps, tracking security risks from third-party connected apps, fixing SaaS misconfigurations, ensuring data governance and privacy, and aligning SaaS application settings with compliance standards.
Despite these challenges, the investment in SaaS security seems to be paying off, as organizations are taking a proactive approach to address security threats. The report highlights a positive trend, with only 25% of respondents experiencing a SaaS security incident in the past two years, down from 53% in the previous year. The most common security incidents reported include data breaches, data leakage, unauthorized access, and malicious applications.
Maor Bin, CEO and co-founder of Adaptive Shield, emphasized the importance of investing in preventative methods to counter sophisticated threats. He mentioned that organizations are increasingly realizing the need to consolidate their security solutions and cover all security use cases to combat new attack surfaces effectively.
The survey, which received 478 responses from IT and security professionals, was conducted online by CSA in January 2024. The results indicate a positive shift in organizations’ approach towards SaaS security, with a growing emphasis on proactive measures to safeguard against security incidents.
Adaptive Shield, a trusted SaaS Security Posture Management (SSPM) platform, continues to lead in the SaaS security space by enabling security teams to monitor and respond to security threats effectively within the SaaS ecosystem. Recognized with awards such as Gartner Cool Vendor and Frost & Sullivan’s Global Technology Innovation Leadership, Adaptive Shield remains a key player in enhancing SaaS security for large enterprises.
Overall, the findings of the Annual SaaS Security Survey Report underscore the importance of prioritizing SaaS security in today’s rapidly evolving threat landscape. With organizations increasingly investing in dedicated SaaS security teams and enhancing their security capabilities, the future looks promising in terms of securing SaaS applications and mitigating security risks effectively.