Misconfiguration and vulnerabilities biggest risks in cloud security: Report

The two biggest cloud security risks continue to be misconfigurations and vulnerabilities, which are being introduced in greater numbers through software supply chains, according to a report by Sysdig. While zero trust is a top priority, data showed that least privilege access rights, an underpinning of zero trust architecture, are not properly enforced. Almost 90% of granted permissions are not used, which leaves many opportunities for attackers who steal credentials, the report noted. The data was derived from an analysis of more than seven million containers that Sysdig customers are running daily. 87% of container images have high or critical vulnerabilities. Almost 87% of container images were found to include a high or critical vulnerability, up from the 75% reported last year. Some images were found to have more than one vulnerability. Organizations are aware of the danger, but struggle with the tension of addressing vulnerabilities while maintaining the fast pace of software releases, Sysdig noted. The reason vulnerabilities persist despite having a fix is because of bandwidth and prioritization issues. When 87% of container images running in production have a critical or high severity vulnerability, a DevOps or security engineer can log in and see hundreds, if not thousands of images with vulnerabilities. Only 15% of critical and high vulnerabilities with an available fix are in packages loaded at runtime. By filtering out those vulnerable packages that are actually in use, enterprises can focus their efforts on a smaller fraction of the fixable vulnerabilities that represent true risk. On measuring the percentage of vulnerabilities in packages loaded at runtime by package type to gauge which language, libraries, or file types presented the most vulnerability risk, Sysdig found that Java packages were responsible for 61% of the more than 320,000 vulnerabilities in running packages. Java packages make up 24% of the packages loaded at runtime. More vulnerabilities in packages exposed at runtime results in a higher risk of compromise or attack. Java has the greatest number of vulnerabilities exposed at runtime. While Java is not the most popular package type across all container images, it is the most common in use at runtime. "For this reason, we believe that both the good guys and the bad guys focus on Java packages to get the most bang for their buck. Due to its popularity, bug hunters are likely more dedicated to Java language vulnerabilities," Morin said. While newer or less common package types may seem more secure, Morin said this could be because vulnerabilities haven't been discovered or worse yet, they have been found, but have not been disclosed. Even with the perfect shift-left security practice, threats can arise in production. Organizations should follow a shift-left and shield-right strategy, Sysdig suggested. Shield-right security emphasizes mechanisms to protect and monitor running services. "Traditional security practices with tools like firewalls and intrusion prevention systems aren't enough. They leave gaps because they typically don't provide insight into containerized workloads and the surrounding cloud-native context," Morin said. Static security testing can also be informed by runtime intelligence to pinpoint what packages are executed inside the containers that run the application. "This enables developers to deprioritize vulnerabilities for unused packages and focus instead on fixing exploitable, running vulnerabilities. The goal of every cybersecurity program should be full lifecycle security," Morin added. Misconfiguration biggest culprit in cloud security incidents. While vulnerabilities are a concern, misconfigurations are still the biggest player in cloud security incidents and should be one of the greatest causes for concern in organizations. By 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020, according to Gartner. Data from Sysdig showed that only 10% of permissions granted to non-admin users were utilized when analyzed over a 90-day window. Sysdig's year-over-year analysis revealed that organizations are either granting access to more employees or maturing their Identity and Access Management practices. The growth in human user population may be a by-product of moving more business into cloud environments or ramping up staffing due to business growth, the cybersecurity firm noted. This year, 58% of identities on Sysdig customers' cloud environment were found to be non-human roles, down from 88% last year. Non-human roles are often used temporarily and if they are no longer used and are not removed, they provide easy access points for malicious actors. "Reason for the shift in types of roles could be that organizations' cloud use is growing and with the adoption, more employees are being granted cloud accesses, therefore shifting the balance of human and non-human roles," Morin said. More than 98% of permissions granted to non-human identities have not been used for at least 90 days. "Oftentimes, these unused permissions are granted to orphaned identities, such as expired test accounts or third-party accounts," Sysdig noted. Security teams should apply least privilege principles to non-human identities in the same way they manage human identities. Organizations need to grant the minimum access that a human needs to do the job. The same applies to non-humans, such as applications, cloud services or commercial tools that need access to do their job. These operate similar to how applications on cell phone that request permissions to access contacts, photos, camera, microphone, and more.

This Cyber News was published on www.csoonline.com. Publication date: Wed, 01 Feb 2023 13:10:02 +0000


Cyber News related to Misconfiguration and vulnerabilities biggest risks in cloud security: Report

2023 Cloud Security Report - Security concerns remain a critical barrier to cloud adoption, showing little signs of improvement in the perception of cloud security professionals. Cloud adoption is further inhibited by a number of related challenges that prevent the faster and ...
11 months ago Cybersecurity-insiders.com
Cloud Security: Stats and Strategies - An interesting aspect in O'Reilly's latest Cloud Adoption report based on a global survey conducted is that 90% of the responders are using the cloud to support their business. One of the key takeaways from the State of the Cloud report from Flexera ...
10 months ago Feeds.dzone.com
Top Cloud Security Issues: Threats, Risks, Challenges & Solutions - Cloud security issues refer to the threats, risks, and challenges in the cloud environment. To combat these cloud security issues, develop a robust cloud security strategy that addresses all three to provide comprehensive protection. Cloud security ...
5 months ago Esecurityplanet.com
Multi-Cloud vs. Hybrid Cloud: The Main Difference - The proliferation of cloud technologies is particularly confusing to businesses new to cloud adoption, and they're sometimes baffled by the distinction between multi-cloud and hybrid cloud. Although the public cloud infrastructure and public cloud ...
11 months ago Techtarget.com
The 10 Best Cloud Security Certifications for IT Pros in 2024 - Many professionals seeking a career in cloud security turn to certifications to advance their learning and prove.... their knowledge to potential employers. The number of cloud security certifications has increased in recent years making it difficult ...
10 months ago Techtarget.com
What Is Cloud Security Management? Types & Strategies - Cloud security management is the process of safeguarding cloud data and operations from attacks and vulnerabilities through a set of cloud strategies, tools, and practices. The cloud security manager and the IT team are generally responsible for ...
5 months ago Esecurityplanet.com
What is a Cloud Architect and How Do You Become One? - A cloud architect is an IT professional who is responsible for overseeing a company's cloud computing strategy. This includes cloud adoption plans, cloud application design, and cloud management and monitoring. Cloud architects oversee application ...
8 months ago Techtarget.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
9 months ago Esecurityplanet.com
4 types of cloud security tools organizations need in 2024 - By now, organizations know which on-premises security tools they need, but when it comes to securing the cloud, they don't always understand which cloud security tools to implement. While many traditional on-premises tools and controls work in the ...
7 months ago Techtarget.com
CrowdStrike Enhances Cloud Asset Visualization to Accelerate Risk Prioritization - The massive increase in cloud adoption has driven adversaries to focus their efforts on cloud environments - a shift that led to cloud intrusions increasing by 75% in 2023, emphasizing the need for stronger cloud security. As organizations increase ...
6 months ago Crowdstrike.com
Misconfiguration and vulnerabilities biggest risks in cloud security: Report - The two biggest cloud security risks continue to be misconfigurations and vulnerabilities, which are being introduced in greater numbers through software supply chains, according to a report by Sysdig. While zero trust is a top priority, data showed ...
1 year ago Csoonline.com
What Is Cloud Workload Security? Ultimate Guide - Cloud workload security, or cloud workload protection, refers to the tools and policies used to protect apps, services, and resources that run on cloud infrastructure. Your organization can manage cloud workload security through coordination across ...
4 months ago Esecurityplanet.com
Benefits and challenges of managed cloud security services - Too many organizations lack the in-house cloud security expertise and resources needed to protect cloud assets effectively. One option to address these challenges is managed cloud security. Outsourcing cloud security to a third party not only helps ...
9 months ago Techtarget.com
Cloud Security: Ensuring Data Protection in the Cloud - Data Encryption: Protecting sensitive data is a top priority in cloud security. Cloud security is of utmost importance when it comes to protecting and ensuring the confidentiality of data stored and transmitted in the cloud. Data protection in the ...
9 months ago Securityzap.com
Managing the Requirements of a MultiCloud System - The use of digital technology has advanced to include cloud computing in the delivery of services, cost reduction, increased agility, and improved security. The emergence of various cloud solutions has led organizations to move their assets from ...
1 year ago Blog.isc2.org
Top 7 Cloud Storage Security Issues & Risks - Cloud storage security issues refer to the operational and functional challenges that organizations and consumers encounter when storing data in the cloud. Cloud storage risks involve potential external threats and vulnerabilities that jeopardize the ...
9 months ago Esecurityplanet.com
Cloud Security Best Practices for Businesses - In today's digital landscape, ensuring robust cloud security is a crucial priority for businesses. The increasing reliance on cloud services to store and process sensitive data necessitates organizations to adopt best practices to safeguard their ...
10 months ago Securityzap.com
REVIEW: ISC2 CERTIFIED CLOUD SECURITY PROFESSIONAL CERTIFICATION - The Certified Cloud Security Professional is a highly respected cybersecurity certification that addresses the needs of professionals and employers for robust and adaptable cloud security expertise. As cyber threats continue to escalate, the demand ...
10 months ago Cybersecurity-insiders.com
Master Cloud Computing Risks with a Proactive, End-to-End Approach - These guiding principles have provided a foundation for Accenture's public cloud security offerings since they were introduced in 2018. With the release of the Prisma® Cloud Darwin update, Palo Alto Networks dramatically simplifies risk mitigation ...
11 months ago Paloaltonetworks.com
How To Ensure Cloud Application Security - As the demand for cloud-based apps surged, more entrepreneurs switched to cloud models for their applications. There is a key concern involved with the cloud. Cloud computing has evolved for a long time in the past years and is not a new concept. ...
10 months ago Feeds.dzone.com
7 Considerations for Multi-Cluster Kubernetes - A hybrid cloud is a cloud computing environment that combines public and private clouds, allowing organizations to utilize the benefits of both. In a hybrid cloud, an organization can store and process critical data and applications in its private ...
10 months ago Feeds.dzone.com
The Art of Securing Cloud-Native Mobile Applications - We will explore the dynamic intersection of cloud-native architecture and mobile application security, delving into the strategies and best practices essential for safeguarding sensitive data, ensuring user privacy, and fortifying against emerging ...
11 months ago Feeds.dzone.com
How to create a cloud security policy, step by step - What's needed is a set of rules for how cloud security is managed, and the key to that is a cloud security policy. A cloud security policy contains detailed guidelines to help an organization ensure that it operates safely in the cloud. Because cloud ...
6 months ago Techtarget.com
Falcon Cloud Security Supports Google Cloud Run to Strengthen Serverless Application Security - We're thrilled to share that the CrowdStrike Falcon® sensor now fully supports Google Cloud Run, bringing advanced security capabilities to your serverless applications. While we announced this at Google Cloud Next in April 2024, this blog goes ...
4 months ago Crowdstrike.com
Middle East CISOs Fear Disruptive Cloud Breach - As organizations in the Middle East increasingly adopt cloud services, business leaders worry that their cloud-security measures are falling short. Running in the Cloud The worries arise as organizations in the Middle East accelerate their cloud ...
11 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)