The study also said 68% of security pros surveyed had some concern with fellow employees unwittingly uploading malicious files and compromising cloud environments.
Deep Instinct’s report underscored the need for enhanced security measures overall: The study found that the average global response to a cyberattack was 20.9 hours — more than two working days.
Businesses have a growing concern about files being stored in the cloud for good reason, said Chuck Everette, director of cybersecurity advocacy at Deep Instinct. If an endpoint becomes infected with malware or ransomware, Everette said it’s quite probable that it can infect the cloud resources connected to it.
“Ransomware and malware can cause immense harm when infecting cloud environments, which are often built for business continuity providing ease of access and usage but not security,” Everette said. “Cloud resources are shared by many and make prime targets for criminal actors. If they can infect the files stored in the cloud, they can potentially infect a larger number of victims, essentially expanding their attack surface significantly. Typically, employees and sometimes even outside customers and clients have access into the organization’s cloud infrastructure to upload files. The mechanisms to scan these files for advanced threats is typically nonexistent or limited at best. Office and PDF files can be easily weaponized with the use of macros and malicious links and scripts.“
Something close to 95% of all cloud security breaches are a result of user error and cloud server user misconfigurations, explained Yaniv Bar-Dayan, co-founder and CEO at Vulcan Cyber. Bar-Dayan said cloud environments are becoming more and more complex with more apps, users, data and even more clouds added daily.
“We see a large number of companies trying to eliminate vulnerabilities using tools alone and are finding it difficult to achieve risk remediation outcomes in the cloud if they don't have the right processes and dedicated teams,” Bar-Dayan said. “Enterprise consumers of cloud services should make the security of the services they consume a top priority and be as proactive as the cloud service providers in their never-ending mitigation efforts.”
Josh Brewton, CISSP at Cyvatar, said as the journey from traditional on-premises solutions to cloud-based ones continues, security teams must ensure that what they do is suitable for the company’s data and organizational goals. Brewton said security teams have to ask themselves if they have the in-house knowledge or personnel to handle architectural and data security requirements.
“While many cloud providers maintain the security of their cloud environments, it’s up to each organization to maintain the security and integrity of the created and uploaded data,” Brewton said.