![]() While CSPs often provide tools to help manage cloud configuration, misconfiguration of cloud resources remains the most prevalent cloud vulnerability that the threat actors can exploit to access cloud data and services. Managing and eliminating misconfigurations is critical to reduce the risk of attack. This is concerning because high-profile data breaches reveal the majority of cyberattacks on public cloud instances are due to misconfigurations rather than vulnerabilities. This section covers key findings around the top five types of cloud threats, including misconfigurations, vulnerabilities, compromised accounts, supply chain attacks, and ransomware.ĩ8.6% of organizations have misconfigurations in their cloud environments that cause critical risks to data and infrastructure. However, from widespread misconfigurations to supply chain threats, the risks around using cloud technology are still slowly being realized and calculated by many organizations as they experience related attacks. The following findings of this year’s report provide a summary look at the state of cloud security in 2022 and its various related challenges.ĥ5.1% of organizations leverage more than a single cloud provider and 66.7% of organizations have public cloud storage buckets. For a quick look back, check out the 20 reports. To support organizations in the mission to protect their cloud environments, Zscaler ThreatLabz researchers analyze cloud workload statistics from the world’s largest security data set, which is built off of over 260 billion daily transactions across the Zscaler platform. Understanding the shared responsibility model and proper account configuration is important for helping enterprises align and effectively implement the right compliance and security policies. While CSPs provide security for the cloud service and hosting infrastructure, the customer is responsible for managing security policies, access, and data protection within the cloud. This is known as the Shared Responsibility Model. Under the current directive, cloud security and compliance are shared responsibilities between the cloud service provider (CSP) and the customer. Securing business in the cloud requires an entirely new approach, one that reestablishes holistic visibility and granular control across the environment. Legacy solutions don’t translate well into cloud environments, which are elastic, loosely coupled to infrastructure, and do not have a static perimeter. ![]() This highlights a key problem many organizations are still using legacy network-based security technologies to protect cloud environments. ![]() Meanwhile, leaders undertaking cloud transformation or expansion must continue to weigh cost and performance trade-offs between security, operability, control, implementation, and customization.Īccording to research by Venafi, 81% of organizations have experienced a public cloud-related security incident in the past year, with 45% indicating they suffered four or more incidents. As public cloud adoption continues to accelerate, organizations need to hold up their end of the shared responsibility model to protect against cloud security threats. ![]() The convenience and ease of public cloud technology have changed our world, enabling scalable business operations, work-from-anywhere, and increased productivity everywhere.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |