According to a new report, studies show that misconfigurations are the primary cause of cyber security issues in the Cloud. What are misconfigurations? Misconfigurations are the public cloud server instances, such as storage and compute, that are configured in such a way that they are vulnerable to breaches.
Trend Micro, a well- known Cloud security firm stated that 230 million misconfigurations are happening in Cloud on average each day. In other words, proving the risk is both frequent and has a wide range. Greg Young, the vice president of cybersecurity for Trend Micro, says “Cloud-based operations have become the rule rather than the exception, and cybercriminals have adapted to capitalize on misconfigured or mismanaged cloud environments. In an official statement made last month, Young said “we believe migrating to the cloud can be the best way to fix security problems by redefining the corporate IT perimeter and endpoints,”
Gartner, a world leading research and advisory company, forecasts that by next year 2021, over 75 per cent of medium- large organizations will have taken up multi-cloud or hybrid IT strategy. As the cloud platforms become more popular, the IT and DevOps teams will be challenged with the added concerns relating to securing the in “the cloud setups,” and reducing any risks.
The studies show threats and security weaknesses in several key areas of cloud-based computing. As a result, these weaknesses put credentials and company secrets at risk.
Firstly, misconfigurations create security loopholes that Criminals can capitalise on. For instance, ransomware, cryptomining, e-skimming and data exfiltration. Finding a way in, they love nothing more than to target companies.
Secondly, the study found that, “misleading online tutorials worsen the risk for some businesses, leading to mismanaged cloud credentials and certificates.
Above all, in order to tighten up security, Young suggests, “taking ownership of cloud data is paramount to its protection.”
Also read: US, UK cyber officials say state-backed hackers taking advantage of outbreak