RedLock’s recent Cloud Security Trends details the rise of data exposures, changes in cloud security, and what businesses need to do to address these issues.
It’s no secret that the cloud is fundamentally changing the way enterprises approach security and legacy tech tools, and platforms may not be able to keep up.
According to RedLock’s Cloud Security Trends, released Thursday, 81% of organizations are not managing host vulnerabilities in the cloud, which sets them up to potentially be the victim of an attack or breach. The reason for this is that previous vulnerability management investments simply don’t have the context necessary to help IT manage the new threats in the cloud.
RedLock CTO Gaurav Kumar said in a press release that many organizations are “falling behind” in protecting their public cloud environments. Recent breaches at major firms show that “the threats are real and cybercriminals are actively targeting information left unsecured in the public cloud,” Kumar said in the release. “It’s imperative for every organization to develop an effective and holistic strategy now to protect their public cloud computing environment.”
In line with these major breaches, cloud data exposure is on the rise as well, the report found. By not keeping up with best practices regarding data security, many companies are inadvertently leaving their assets at risk.
One example given by the press release was that of 53% of organizations using cloud storage services like Amazon S3 have unintentionally exposed one or more such service to the public. Recent examples include leaks at Dow Jones, Verizon, and a GOP analytics firm. That number is up from 40% in a May RedLock report. What’s even worse is that these exposures are happening even though Amazon published a warning on how to properly secure S3.
“Moreover, the research also revealed that 48% of PCI checks fail in public cloud computing environments,” the release said.
Risky users are also a big problem in the public cloud, according to the report. Admin accounts have been compromised at 38% of organizations, the report found, with those accounts being used for malicious activity.
On the network side of things, the RedLock team found that 37% of databases are accepting inbound connection requests from the internet. Of those, some 7% are getting requests from suspicious IP addresses, which could mean they’ve been compromised.
Additionally, the report said, the research team noted that Kubernetes admin consoles weren’t protected with a password, creating new problems. “Researchers even found that many of these environments were leaking access credentials for various cloud environments. To make matters worse, some of these environments had already been compromised to mine Bitcoins, which organizations were completely unaware of,” the release said.
[to continue, click HERE]