Venafi on Wednesday reported that 81% of organizations surveyed experienced a cloud-related security incident over the last 12 months, with some 45% suffering at least four incidents.
These cloud security incidents are caused by the dramatic increase in security and operational complexity connected with cloud deployments.
The report said the most common cloud-related security incidents experienced by respondents include the following: runtime incidents (34%); unauthorized access (33%); misconfigurations (32%); major vulnerabilities that have not been remediated (24%); and failed audits (19%).
Because of the dynamic and distributed nature of cloud infrastructure and its increased attack surface, it's easier for malicious actors to exploit image misconfigurations and vulnerabilities before security teams have a chance to discover and address them, said Ratan Tipirneni, president and CEO at Tigera. Tipirneni said that in the cloud there are a number of ways a misconfiguration or vulnerability could become compromised, and a multitude of ways that such an attack could propagate within the environment.
“Very few solutions that provide mitigating controls exist for cloud-native container platforms,” Tipirneni said. “Organizations need to design a security architecture with the assumption that they have already been breached. They should also design a zero-trust access model, given this assumption of already breached. Microsegmentation is absolutely essential in this model.”
Dennis Monner, chief commercial officer at Aryaka, added that most of the cloud incidents result from just basic security hygiene and software-defined approaches. Monner said more than half of the incidents result from misconfigurations and overdue patching.
“It’s frustrating, but also understandable when you look at what a challenge it is to find and retain security talent in this market,” said Monner. “The hands to do the work are not there. It really is the perfect storm: a vicious and evolving threat, an architecture that was built for another era, and a lack of talent and experience in critical disciplines like security, cloud, and networking. It’s why enterprises are looking towards converging these disciplines in approaches like SASE.”
Hank Schless, senior manager, security solutions at Lookout, said the cloud offers scalability and the ability to create interconnected services for smoother workflows. However, Schless said this also means that one misconfiguration can have magnified ramifications across multiple systems.
“Misconfigurations in cloud infrastructure platforms, such as AWS or GCP, create cracks in the foundation that attackers will try to exploit,” Schless said. “In addition, a misconfigured cloud app could expose a plethora of customer data without you even knowing.