As organizations continue their migration to the cloud, threat groups are not far behind.
According to a report earlier this year from cybersecurity firm CrowdStrike, the number of attacks against cloud environments in 2022 jumped 95% year-over-year, and those involved cloud-conscious bad actors almost tripled.
The U.S. Cybersecurity and Infrastructure Security Agency in April 2022 rolled out a problem aimed at developing consistent and modern security configurations aimed at protecting information store in cloud environments.
In October that year, the agency kicked off the first pilot initiative in the Secure Cloud Business Applications project with security configuration baselines for Microsoft 365 environments.
The baselines were aimed at federal agencies, but CISA Associate Director Michael Duffy at the time encouraged even private organizations that use cloud servers to implement practices being developed within SCuBA when possible.
CISA Tuesday took another step in the SCuBA effort, announcing similar minimal secure configuration baselines for Google Workspace applications and ScubaGoggles, a related assessment tool available on GitHub to allow organizations to see how they measure up to the Google baselines.
The baselines were developed in collaboration with Google, Duffy wrote.
With Microsoft 365 and Google Workspace, CISA said it is targeting two of the largest cloud business platforms.
CISA also offers a range of free open-source tools from its SCuBAGear and other programs that can be used with Azure, Google Cloud, AWS, and other cloud environments, with the agency noting that such tools are important to both cloud providers and users.
The new baselines include a collection of security controls for nine Google Workspace services, including Gmail, Google Chat, Calendar, Meet, Groups for Business, and Drive and Docs.
CISA is taking in comments from interested stakeholders until January 12, 2024.
Programs like SCuBA are taking on a greater importance as hackers increasingly target cloud environments, he wrote, noting the attack this summer by China-linked threat group Storm-0558, which hacked its way into Microsoft 365 and Exchange Online accounts and stealing email from government and corporate accounts.
CISA earlier this year worked with 12 federal agencies to implement the Microsoft 365 baselines across their environments.
This Cyber News was published on securityboulevard.com. Publication date: Tue, 12 Dec 2023 20:13:04 +0000