1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Nearly all firms have suffered cloud security threats this year

    From TechnologyDaily@1337:1/100 to All on Fri Sep 30 11:45:03 2022
    Nearly all firms have suffered cloud security threats this year

    Date:
    Fri, 30 Sep 2022 10:34:53 +0000

    Description:
    As cloud migration continues, complexity and responsibility remain two major stepping stones.

    FULL STORY ======================================================================

    The vast majority of organizations have suffered at least one cloud-related cybersecurity incident in the last 12 months, a new report from Venafi has claimed.

    It found that rising complexity, and the lack of clarity over whose responsibility cloud security really is, are two major contributors to these incidents.

    According to Venafi, 81% of firms experienced at least one such incident in the last year. Almost half (45%) suffered as many as four incidents. Security and operational risks

    Most of the time, they experience security incidents during runtime (34%), unauthorized access (33%), misconfigurations (32%), major vulnerabilities
    that havent been patched (24%), or failed audits (19%).

    At the same time, only unauthorized access made it to the top five list of
    the biggest operational and security concerns security decision-makers are having. There are also account, services, and traffic hacks (35%), malware
    and ransomware (31%), privacy issues (31%), and nation-state attacks (26%).

    Attackers are now on board with business shift to cloud computing, says Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. The ripest target of attack in the cloud is identity management, especially machine identities. Each of these cloud services, containers, Kubernetes clusters and microservices needs an authenticated machine identity such as a TLS certificate to communicate securely. If any of these identities is compromised or misconfigured, it dramatically increases security and operational risks. Read more

    Top data breaches and cyber attacks of 2022


    Cloud migration is still accelerating, despite security concerns


    Check out the best endpoint protection services today

    The study has also shown how businesses dont really know whose responsibility cloud security really is. Enterprise security teams (25%) are the most likely ones to manage app security in the cloud, right before operations teams
    (23%). For almost a quarter (22%) it should be a collaborative effort shared between multiple teams, while 16% think it should be the responsibility of developers writing cloud applications.

    Venafi seems to hint that shared responsibility models shouldnt be adopted,
    as security teams and development teams have very different goals and objectives. While developers need to move fast, it creates visibility issues for security teams. Without this visibility, security teams cannot evaluate how those controls stack up against security and governance policies, the report states.

    Organizations studied for the report currently host 41% of their applications in the cloud and expect the number to rise to 57% in the next year and a
    half. These are the best firewalls today



    ======================================================================
    Link to news story: https://www.techradar.com/news/nearly-all-firms-have-suffered-cloud-security-t hreats-this-year/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)