{"id":7338,"date":"2021-08-08T13:15:20","date_gmt":"2021-08-08T11:15:20","guid":{"rendered":"https:\/\/tekmart.co.za\/t-blog\/?p=7338"},"modified":"2021-08-08T13:16:02","modified_gmt":"2021-08-08T11:16:02","slug":"growing-cause-of-security-incidents-attributable-to-cloud-misconfiguration","status":"publish","type":"post","link":"https:\/\/tekmart.co.za\/t-blog\/growing-cause-of-security-incidents-attributable-to-cloud-misconfiguration\/","title":{"rendered":"Growing cause of security incidents attributable to cloud misconfiguration."},"content":{"rendered":"Reading Time-approximately:<\/span> 2<\/span> minutes<\/span><\/span>\n

Rapid cloud adoption during the pandemic has increased the attack surface and heightened the risk of misconfiguring services, leaving organisations more vulnerable to cyber attacks.<\/strong><\/h2>\n\n\n\n
\"Sebastian<\/figure>\n\n\n\n

By Sebastian Klovig Skelton <\/a><\/p>\n\n\n\n

Every organisation deploying Amazon Web Services (AWS) has experienced at least one security incident in its public cloud environment over the past year, with businesses\u2019 rapid move to the cloud making secure configuration \u201cnearly impossible\u201d, according to threat detection and response specialist Vectra AI.<\/p>\n\n\n\n

New research by the threat detection firm shows that AWS\u2019s platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) offerings have become increasingly vital components for many enterprises during the pandemic, largely because of the flexibility and scalability they can bring in the context of widespread remote working.<\/p>\n\n\n\n

According to the survey of 317 IT executives conducted by Vectra, 64% of organisations are deploying new AWS services on a weekly or daily basis, with 71% using four or more services, and only 29% using just its S3, IAM and EC2 services. It also found that 78% of organisations are running AWS across multiple regions, and 40% in at least three.<\/p>\n\n\n\n

However, Vectra says enterprises\u2019 rapid adoption of these AWS services has also led to the development of security blind spots within many organisations.<\/p>\n\n\n\n

\u201cSurprisingly, the survey shows that 30% of organisations surveyed don\u2019t have formal deployment sign-off before pushing to production, and 40% have shared that they don\u2019t have a DevSecOps workflow,\u201d said the\u00a0report, which added that 100% of the organisations surveyed had experienced a security incident on AWS in the past year.<\/p><\/blockquote>\n\n\n\n

\u201cThis shows that the cloud has expanded to such an extent that configuring it securely is nearly impossible,\u201d it said. \u201cAnd while a few applications can be configured to reach into the right services, with so many people having access to modify both the applications and services, the risk is multiplied by an order of magnitude.\u201d<\/p>\n\n\n\n

A further 71% of organisations said they have 10 or more users with the access and ability to modify the entire infrastructure in their AWS environments.<\/p><\/blockquote><\/figure>\n\n\n\n

Within the context of\u00a0Gartner\u2019s prediction\u00a0that over 99% of cloud breaches will have a root cause of customer misconfiguration or mistakes by 2025, the report added: \u201cThe reality is that securely configuring the cloud will remain a daunting task due to the sheer size, scale and continuous changes in workloads and infrastructure.\u201d<\/p>\n\n\n\n

However, it also said that most organisations are aware of their public cloud-related security deficiencies, with 71% saying they need monitoring and threat detection capabilities that are beyond the scope of what is currently available from providers such as AWS.<\/p>\n\n\n\n

\u201cSecuring the cloud with confidence is nearly impossible due to its ever-changing nature,\u201d said Matt Pieklik, senior consulting analyst at Vectra.<\/p>\n\n\n\n

\u201cTo address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible.<\/p><\/blockquote>\n\n\n\n

\u201cUltimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness.\u201d<\/p>\n\n\n\n

Separate research\u00a0from Gartner showed that the worldwide IaaS market grew by 40.7% in 2020. The biggest names in the space include AWS, which had an IaaS market share of 44.6%, Microsoft with a 17.4% share, Alibaba with 8.8% and Google with 5.2%.<\/p>\n","protected":false},"excerpt":{"rendered":"

Reading Time-approximately:<\/span> 2<\/span> minutes<\/span><\/span>Rapid cloud adoption during the pandemic has increased the attack surface and heightened the risk of misconfiguring services, leaving organisations more vulnerable to cyber attacks. By Sebastian Klovig Skelton Every organisation deploying Amazon Web Services (AWS) has experienced at least one security incident in its public cloud environment over the past year, with businesses\u2019 rapid move to the cloud making<\/p>\n

Read More<\/a><\/p>\n","protected":false},"author":113,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[75,155,164,49,276,185,4,30,54,3,184,188,147,238],"tags":[],"class_list":["post-7338","post","type-post","status-publish","format-standard","hentry","category-new-normal-courtesy-of-covid-19","category-batting-for-tech-in-the-covid-19-times","category-cloud-architecture-design-and-planning","category-cloud-computing","category-cloud-computing-for-business","category-data-center-hardware-terminology","category-datacenter-news","category-expert-advise-and-opinion","category-hackers-and-cybercrime-prevention","category-industry-news-and-expert-advise","category-msps-and-cybersecurity","category-network-infrastructure","category-security","category-timeless-articles"],"_links":{"self":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/7338","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/users\/113"}],"replies":[{"embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/comments?post=7338"}],"version-history":[{"count":1,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/7338\/revisions"}],"predecessor-version":[{"id":7339,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/7338\/revisions\/7339"}],"wp:attachment":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/media?parent=7338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/categories?post=7338"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/tags?post=7338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}