The trend of cloud security concerns has evolved from provider-focused issues to risks associated with cloud adopters, according to the latest Top Threats to Cloud Computing report by the Cloud Security Alliance, reports HealthITSecurity.
Based on a survey of over 700 cybersecurity professionals, the report showed that the top 11 threats to cloud security includes insecure interfaces and APIs, misconfigurations, lack of a cloud security strategy and architecture and accidental cloud disclosure.
Researchers noted that the current view on cloud security has shifted the responsibility from providers to adopters, as shown in shared technology vulnerabilities, denial-of-service, CSP data loss and other traditional cloud security issues ranking lower than in previous studies.
New, highly rated items in the survey point to cloud adopters as the weak links, the report stated.
CSA said a number of the leading concerns were directly in the users control: identity and access management, cryptography, configuration management, poor coding practices and ignoring cloud direction.
Ahead of its imminent approval, the Biden administration's proposed executive order mandating U.S. cloud infrastructure-as-a-service providers to strengthen the verification of their users' identities has received industry opposition due to the increased financial and logistical burdens that would arise from such a rule, according to The Record, a news site by cybersecurity firm Recorded Future.
U.S. independent record label Empire Distribution, which has worked with Kendrick Lamar, Snoop Dogg, and 50 Cent, had its sensitive data exposed as a result of an environment file misconfiguration, Cybernews reports.