Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Strife in the cloud? Time for better security.
On April 18, Palo Alto Networks threat intelligence research arm, Unit 42 (not to be confused with the hacking organization APT43) released its seventh Cloud Threat Report.
In the study, researchers note that threat actors are moving quickly to take advantage of outdated cloud security tactics—and IT teams aren’t moving fast enough to deal with the fallout.
By the numbers. The data in the Unit 42 report shows how far behind companies and organizations are when it comes to cloud cybersecurity—and what they’re leaving open to threat actors:
- Codebases. The report found that a slim majority—51%—of source code used in the cloud depends on over 100 open-source packages, only 23% of which are directly imported by developers. Sixty-three percent of codebases have unpatched vulnerabilities rated high or critical.
- MFA. Adoption of multi-factor authentication lags in most organizations and companies, and cloud logins are not immune. A staggering 76% of organizations don’t enforce the use of MFA for cloud console users, and 58% don’t enforce it for more important root and admin users.
- Insecure. PII, financial records, and intellectual property—among other sensitive data—are found in 66% of storage buckets and 63% of publicly exposed buckets. When there are cloud security issues, it takes security teams an average of 145 hours, or six days, to resolve the issues; 60% of organizations report resolution taking over four days.
Can you see what I see? Bob West, a CSO with Palo Alto, told IT Brew that one of the main problems he sees is that organizations lack good visibility in the cloud. That leads to problems and makes it hard to respond to threats.
“Protecting environments and traditional infrastructure is hard,” West said. “And when you move to the cloud, it effectively creates a more complex environment—primarily because you don’t have full control over the cloud service providers, environments, or SaaS applications.”
Threat actors take advantage of that lack of control. Adversaries know that most companies don’t have the resources and visibility to react quickly to attacks and threats, and are keenly aware that developers and general staff lack the security hygiene of IT teams. And with a continued shortage of security professionals around the industry, cloud cyber insecurity is a major issue.
West told IT Brew that IT teams can solve these problems with clear communication to the rest of their organization on proper security hygiene. Breaking down the issues into concise and relatable language is always a plus.
Most importantly, teams need to make sure the tools they’re deploying internally and that other users are using are clear and easy to understand.
“Keeping an environment as simple as possible, architecturally, [limiting] the number of tools that you use—that makes protecting information much easier,” West said.—EH