81% of companies had a cloud security incident in the last year

According to new Venafi research, complexity due to increase, as companies plan to host more than half their applications in the cloud.

Venafi has published the findings of new research that evaluates the complexity of cloud environments and its impact on cybersecurity. The study found that 81% of organizations have experienced a cloud-related security incident over the last 12 months, with almost half (45%) suffering at least four incidents. The underlying issue for these security incidents is the dramatic increase in security and operational complexity connected with cloud deployments. And, since the organizations in this study currently host two fifths (41%) of their applications in the cloud but expect increase to 57% over the next 18 months, this complexity will continue to increase

More than half (51%) of the security decision makers (SDMs) in the study believe security risks are higher in the cloud than on premises, citing several issues that contribute to those risks. The most common cloud-related security incidents respondents have experienced are:

•Security incidents during runtime (34%)

•Unauthorized access (33%)

•Misconfigurations (32%)

•Major vulnerabilities that have not been remediated (24%)

•A failed audit (19%)

The key operational and security concerns that SDMs have in relation to moving to the cloud are:

•Hijacking of accounts, services or traffic (35%)

•Malware or ransomware (31%)

•Privacy/data access issues, such as those from GDPR (31%)

•Unauthorized access (28%)

•Nation state attacks (26%)

“Attackers are now on board with business’ shift to cloud computing,” says Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “The ripest target of attack in the cloud is identity management, especially machine identities. Each of these cloud services, containers, Kubernetes clusters and microservices needs an authenticated machine identity – such as a TLS certificate – to communicate securely. If any of these identities is compromised or misconfigured, it dramatically increases security and operational risks.”

The study also investigated how responsibility for securing cloud-based applications is currently assigned across internal teams. This varies widely across organizations, with enterprise security teams (25%) the most likely to manage app security in the cloud, followed by operations teams responsible for cloud infrastructure (23%), a collaborative effort shared between multiple teams (22%), developers writing cloud applications (16%) and DevSecOps teams (10%). However, the number of security incidents indicates that none of these models are effective at reducing security incidents.

When asked who should be responsible for security cloud-based applications, again, there was no clear consensus. The most popular option shares responsibility between cloud infrastructure operations teams and enterprise security teams (24%). The next most popular options are share responsibility across multiple teams (22%), leaves responsibility with developers writing cloud applications (16%) and DevSecOps teams (14%).

The challenges connected with shared responsibility models is that security teams and development teams have very different goals and objectives. Developers need to move fast to accelerate innovation while security teams often do not have visibility into what development teams are doing. Without this visibility, security teams cannot evaluate how those controls stack up against security and governance policies.

“Security teams want to collaborate and share responsibility with the developers who are cloud experts, but all too often they’re left out of cloud security decisions,” continued Bocek. “Developers are making cloud-native tooling and architecture decisions that decide approaches to security without involving security teams. And now we can see the results of that approach: security incidents in the cloud are rapidly growing. We need to reset the approach to cloud security and create consistent, observable, controllable security services across clouds and applications. Architecting in a control plane for machine identity is a perfect example a new security model created specifically for cloud computing. This approach embeds security into developer processes and allows security teams to protect the business without slowing down engineers.”

Purpose-built security data lake helps organizations aggregate, manage, and analyze log and event data to enable faster threat detection, investigation, and incident response.
New data management service helps customers catalog, discover, share, and govern data across their organization.
Leading geospatial intelligence company relies on AWS infrastructure, high performance computing, and analytics to give customers timely, actionable insights to expand their geospatial data applications.
World’s leading cloud provider announces new replenishment projects in India, the United Kingdom, and the United States to bring much needed clean water to communities around the world.
Focus on digital transformation, persistent skills shortages and new risks around cloud migration resulting in CISOs consolidating siloed, disparate and duplicate systems.
Delivers accelerated performance, operational savings and improved efficiency.
Rackspace Technology® says that, despite the rise of inflationary pressures and a global economic slowdown, few organizations are scaling back on IT investment and most are committed to spending more, according to a new survey Managing IT in Challenging Economic Times, a survey of 1,420 IT decision-makers across manufacturing, retail, hospitality/travel, healthcare/pharma/biomedical, government and financial services sectors in the Americas, Europe, Asia, Australia, and the Middle East.
Veritas Technologies research reveals that UK businesses are going over their allocated cloud budgets by an average of 33% with unplanned data backup and recovery as the leading cause.