Dive Brief:
- Snowflake has emphasized that responsibility for security lies with its customers, not the company itself, following a wave of attacks on over 100 Snowflake customer environments in April.
- CEO Sridhar Ramaswamy reiterated during the earnings call that Snowflake’s platform was not breached, but the company remains committed to supporting affected customers with cybersecurity.
- The attacks did not impact Snowflake’s business during the quarter, according to CFO Michael Scarpelli.
Dive Insight:
Snowflake’s stance on cloud security emphasizes customer ownership of security measures. Despite the attacks, Snowflake’s operations were unaffected, leading the company to focus on assisting impacted customers.
Snowflake introduced a new policy in July mandating multifactor authentication (MFA) for all users or specific roles, a step towards strengthening security practices on its platform.
These incidents highlight the complexities of cybersecurity in a shared responsibility model within the cloud market, where customers are accountable for their access credentials and security practices.
Snowflake’s revenue continues to grow, reaching nearly $869 million in the fiscal 2025 second quarter. The company reported no financial impact from the attacks on its customers, despite a slight increase in losses compared to the previous year.