VRNS Varonis Systems Inc.

Exposed Cloud Data is a $28 Million Cyber Risk for the Average Company

Exposed Cloud Data is a $28 Million Cyber Risk for the Average Company

“The Great SaaS Data Exposure” report from Varonis analyzes SaaS risk at hundreds of companies, shedding light on the tension between productivity and security

NEW YORK, Oct. 04, 2022 (GLOBE NEWSWIRE) -- The average company with data in the cloud faces $28 million in data-breach risk, according to a new report from . examines the challenges CISOs face in protecting data across a growing portfolio of SaaS apps and services such as Microsoft 365, Box, and Okta.

The study highlights how hard-to-control collaboration, complex SaaS permissions, and risky misconfigurations — such as admin accounts without multi-factor authentication (MFA) — have left a dangerous amount of cloud data exposed to insider threats and cyberattacks.

For the report, researchers at Varonis analyzed nearly 10 billion cloud objects (more than 15 petabytes of data) across a random sample of data risk assessments performed at more than 700 companies worldwide.

Key findings from the Varonis report include:

  • Most companies are sitting on exposed data in the cloud. A whopping 81 percent of organizations had sensitive SaaS data exposed.
  • Companies face dangerous cloud data risks. In the average company, 157,000 sensitive records are exposed to everyone on the internet by SaaS sharing features, representing $28 million in data-breach risk.
  • Broad internal data exposure is a real problem One out of every 10 records in the cloud is exposed to all employees — creating an impossibly large internal blast radius, which maximizes damage during a ransomware attack.
  • Missing MFA makes attackers' jobs easier. The average company has 4,468 user accounts without MFA enabled, making it easier for attackers to compromise internally exposed data. 
  • Sitting-duck admin accounts leave companies vulnerable. Out of 33 super admin accounts in the average organization, more than half did not have MFA enabled. This makes it easier for attackers to compromise these powerful accounts, steal more data, and create backdoors.
  • Untenable permission structures pose a big challenge. Companies have more than 40 million unique permissions across SaaS applications, creating a nightmare for IT and security teams responsible for managing and reducing cloud data risk.

Get the Report: 

"Cloud security shouldn't be taken for granted. When security teams lack critical visibility to manage and protect SaaS and IaaS apps and services, it's nearly impossible to ensure your data isn't walking out the door," says Brian Vecci, Field CTO, Varonis. "This report is a true-to-life picture of over 700 real-world risk assessments of production SaaS environments. The results underscore the urgent need for CISOs to uncover and remediate their cloud risk as quickly as possible."

Additional Resources

  • .
  • Get a .
  • Request a  from the Varonis team.
  • For more information on Varonis' solution portfolio, please visit .
  • Visit our , and join the conversation on  , , and .
  • to SecurityFWD, Varonis' YouTube show covering the latest infosec tips, tricks, and tools.

About Varonis 

 is a pioneer in data security and analytics, fighting a different battle than conventional cybersecurity companies. Varonis focuses on protecting enterprise data: sensitive files and emails; confidential customer, patient, and employee data; financial records; strategic and product plans; and other intellectual property. The Varonis Data Security Platform detects cyber threats from both internal and external actors by analyzing data, account activity, and user behavior; prevents and limits disaster by locking down sensitive and stale data; and efficiently sustains a secure state with automation. Varonis products address additional important use cases including data protection, data governance, Zero Trust, compliance, data privacy, classification, and threat detection and response. Varonis started operations in 2005 and has customers spanning leading firms in the financial services, public, healthcare, industrial, insurance, energy and utilities, technology, consumer and retail, media and entertainment, and education sectors. 

A photo accompanying this announcement is available at

Investor Relations Contact: 

James Arestia 

Varonis Systems, Inc. 

646-640-2149 

 

News Media Contact: 

Rachel Hunt 

Varonis Systems, Inc. 

877-292-8767 (ext. 1598) 



EN
04/10/2022

Underlying

VRNSVaronis Systems Inc.

To request access to management, click here to engage with our
partner Phoenix-IR's CorporateAccessNetwork.com

Reports on Varonis Systems Inc.

 PRESS RELEASE
Free
VRNS Varonis Systems...

RSA Conference 2026: Varonis CEO Yaki Faitelson to Deliver Keynote on ...

RSA Conference 2026: Varonis CEO Yaki Faitelson to Deliver Keynote on Securing the Agentic AI Revolution MIAMI and SAN FRANCISCO, March 25, 2026 (GLOBE NEWSWIRE) -- RSA CONFERENCE 2026 – --  (Nasdaq: VRNS) is proud to announce that CEO and co-founder Yaki Faitelson will present the keynote, “Robots vs. Robots: Stories from the Frontlines of the Agentic Revolution” on Wednesday, March 25, at 11:05 am PT on the Moscone West stage. Yaki will share real stories from the front lines that reveal three major ways AI is reshaping enterprise security and will dive into techniques and frameworks t...

March 25, 2026 1 EN
 PRESS RELEASE
Free
VRNS Varonis Systems...

Varonis Wins Five Global InfoSec Awards at RSAC 2026

Varonis Wins Five Global InfoSec Awards at RSAC 2026 AI and data security honors include leadership in AI security and compliance, excellence in data security posture management, and groundbreaking cybersecurity research MIAMI and SAN FRANCISCO, March 24, 2026 (GLOBE NEWSWIRE) -- RSA CONFERENCE, Booth N-5457 --  (NASDAQ: VRNS) announced it has been named a winner of five Global InfoSec Awards at RSA Conference 2026. The Global InfoSec Awards, presented by Cyber Defense Magazine, honor cybersecurity companies that demonstrate unique, compelling, and forward-thinking solutions. Varonis ...

March 24, 2026 1 EN
 PRESS RELEASE
Free
VRNS Varonis Systems...

Varonis at RSAC 2026: Securing AI and the Data that Powers It

Varonis at RSAC 2026: Securing AI and the Data that Powers It Visit North Hall, booth #5457, where Varonis will be showcasing its new Atlas AI security platform, and learn how to secure AI and data at scale MIAMI, March 18, 2026 (GLOBE NEWSWIRE) --  (Nasdaq: VRNS), the data and AI security leader, is proud to return to the RSA Conference as a Platinum Plus Sponsor. Varonis' highlights at RSA Conference 2026 include a mainstage keynote covering how AI is impacting and transforming security, sessions on AI risks and attack techniques, and a full roster of presentations, demos, and can’t-...

March 18, 2026 1 EN
 PRESS RELEASE
Free
VRNS Varonis Systems...

Varonis Launches Atlas to Secure AI and the Data That Powers It

Varonis Launches Atlas to Secure AI and the Data That Powers It New AI Security Platform gives organizations complete visibility and control over AI systems they build and run MIAMI, March 17, 2026 (GLOBE NEWSWIRE) -- . (NASDAQ: VRNS), the data and AI security leader, today announced the general availability of Varonis Atlas, an end-to-end AI Security Platform that helps organizations see and control AI across the enterprise.  AI agents, copilots, and LLMs are now embedded in enterprise workflows. They read, write, and act on data at machine speed. But most organizations don’t know whi...

March 17, 2026 1 EN
 PRESS RELEASE
Free
VRNS Varonis Systems...

Varonis Recognized on CRN’s 2026 Security 100 List

Varonis Recognized on CRN’s 2026 Security 100 List Data security leader is honored for helping customers prevent breaches, comply with regulations, and adopt AI safely MIAMI, Feb. 18, 2026 (GLOBE NEWSWIRE) --  (NASDAQ: VRNS), the leader in data security, today announced that it has been named by , a brand of , to the prestigious Security 100 list. This list highlights leading IT security vendors that are committed to collaborating with channel partners to keep businesses secure from cyber threats. Varonis was recognized for the eighth consecutive year in the , which plays a central rol...

February 18, 2026 1 EN

ResearchPool Subscriptions

Get the most out of your insights

Get in touch