New research shows that the majority of all malware is now delivered via cloud applications, showing how attackers increasingly abuse popular cloud services to evade legacy security defenses, putting enterprise data at risk.

Organizations with between 500 and 2,000 employees now use on average 664 distinct cloud apps per month. Of those apps, nearly half have a ‘poor’ Cloud Confidence Index (CCI), a measure pioneered by Netskope to determine a cloud service’s enterprise readiness.

Cloud apps are now the target of around one in three (36 percent) phishing campaigns. While the majority of phishing lures are still hosted on traditional websites, attackers are increasingly using cloud apps to gain footholds in organizations.

Malicious Office documents are being used as trojans to deliver next stage payloads, including ransomware and backdoors. Using cloud app delivery to evade legacy email and web defenses, malicious Office documents represent 27 percent of all malware downloads detected and blocked.

As work and home lives have become blurred, 83 percent of users are accessing personal app instances on corporate devices. The average enterprise user uploads 20 files to personal apps each month from these managed devices, increasing the likelihood of data being mishandled or leaked.

Cybercriminals increasingly abuse the most trusted and popular cloud apps, especially for cloud phishing and cloud malware delivery. Enterprises using the cloud need to quickly modernize and extend their security architectures to understand data content and context for apps, cloud services, and web user activity.