{"id":88960,"date":"2023-04-18T08:15:00","date_gmt":"2023-04-18T08:15:00","guid":{"rendered":"https:\/\/cloudnewshub.com\/?p=88960"},"modified":"2023-04-18T08:15:00","modified_gmt":"2023-04-18T08:15:00","slug":"focus-on-these-three-risky-behaviours-to-boost-cloud-security","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=88960","title":{"rendered":"Focus on these three risky behaviours to boost cloud security"},"content":{"rendered":"
<\/div>\n

Users of cloud computing resources have a tendency to make the same mistakes repeatedly, with the vast majority \u2013 approximately 80% \u2013 of alerts seen by security teams triggered by a scant 5% of security rules, according to findings set out in a report compiled by Palo Alto Networks\u2019 Unit 42<\/a> research unit.<\/p>\n

In Cloud threat report, navigating the expanding attack surface<\/a><\/i> \u2013 the seventh in an ongoing series \u2013 Unit 42 analysed workloads drawn from 210,000 cloud accounts across 1,200 different organisations and examined multiple real-world security incidents that arose through cloud environments.<\/p>\n

They repeatedly found that almost every organisation had a small set of risky behaviours that could be frequently observed in their cloud workloads. Out of these, the most regularly seen were unrestricted firewall policies<\/a>, exposed databases, and unenforced multifactor authentication<\/a> (MFA) policies \u2013 76% of organisations don\u2019t enforce MFA for console users, the report said.<\/p>\n

\u201cAll of [these] likely originate from an isolated number of engineers and IaC [infrastructure-as-code] templates<\/a>,\u201d wrote lead researcher Jay Chen and his team. \u201cThese issues vary from organisation to organisation, but the takeaway is the same for all of them \u2013 a small number of repeatable issues drive the largest percentage of problems.\u201d<\/p>\n

The team also found that it takes 145 hours \u2013 around six days \u2013 for a security alert to be responded to on average, and that 60% of organisations take longer than four days to resolve a security alert. By prioritising remediation of these three issues, security teams can not only help their organisations maximise the return on their security investments, but potentially also eliminate many of their day-to-day headaches at a stroke.<\/p>\n

\u201cAfter two decades of rapid cloud adoption by organisations, 2023 could be considered a turning point for cloud security. The rate of cloud migration shows no sign of slowing down \u2013 from $370bn [\u00a3297.6bn] in 2021, with predictions to reach $830bn [\u00a3667.6bn] in 2025 \u2013 with many cloud-native applications and architectures already having had time to mature,\u201d said Ankur Shah, senior vice-president of Prisma Cloud<\/a> at Palo Alto Networks.<\/p>\n

\u201cThe dynamic nature of cloud technology \u2013 with feature updates in public cloud services, new attack methods, and the widespread use of open-source code \u2013 is now driving awareness of the risks inherent to modern, cloud-native development. The more organisations that adopt cloud-native technologies, the higher the number of cloud-native applications becomes. The popularity and complexity of the technology then expands the attack surface with vulnerabilities and misconfigurations for cyber criminals to exploit,\u201d he said.<\/p>\n

Although user-generated issues, including insecure configurations, remain the primary concern when it comes to cloud security, the Unit 42 team also highlighted issues that stem from ready-to-use templates and default configurations offered by cloud service providers (CSPs).<\/p>\n

They said that while these default options might seem to be quite convenient, they do not, to put it mildly \u201cposition users in the most secure initial state.\u201d<\/p>\n

The latest edition of the Cloud threat report<\/i> highlights the use of open source software and components as one of the driving forces behind the cloud revolution and how this trend has increased risk by introducing more complexity, increasing the likelihood of problems such as depreciated or abandoned software, malicious content, and slower patching cycles, all adding to the pressure on organisational security.<\/p>\n

\n

<\/i>Growing attack surface<\/h3>\n

As the report\u2019s title would suggest, Unit 42 said that organisations should expect the attack surface of cloud-native applications to continue to expand going forward, and for threat actors to find \u201cincreasingly creative\u201d ways to target them.<\/p>\n

As such, the report also includes a number of practical tips, such as putting in place enforced MFA policies and enabling features such as automated alert triage and remediation, control plane audit logs, automated backups and data-at-rest encryption.<\/p>\n

Security teams should also consider budgeting for software composition analysis (SCA) tools during the development process, data loss prevention (DLP) solutions and, of course, take care never to expose databases or services such as remote desktop protocol (RDP) or SSH to the public internet<\/p>\n

\u201cThe bottom line to our findings is simple: your organisation may not be as secure as you think. You\u2019re going to need to be vigilant, proactive and innovative to stay ahead of adversaries,\u201d wrote Chen and his team.<\/p>\n<\/section>\n","protected":false},"excerpt":{"rendered":"

Users of cloud computing resources have a tendency to make the same mistakes repeatedly, with the vast majority \u2013 approximately 80% \u2013 of alerts seen by security teams triggered by a scant 5% of security rules, according to findings set out in a report compiled by Palo Alto Networks\u2019 Unit 42 research unit. In Cloud […]<\/p>\n","protected":false},"author":1,"featured_media":88961,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[533],"tags":[],"class_list":["post-88960","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it"],"_links":{"self":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/88960","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=88960"}],"version-history":[{"count":0,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/88960\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/media\/88961"}],"wp:attachment":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=88960"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=88960"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=88960"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}