Most organizations know that cloud computing will comprise the majority of their future business-technology systems. The problem is they’re not quite sure what that looks like yet.
And while many organizations are a decade or more into getting their feet wet with cloud, they’re still trying to figure out how to manage and secure these systems, according to findings of a survey of security leaders conducted by CRA Business Intelligence. Indeed, as cloud-based assets/workloads increase, 50% of respondents were very concerned about their ability to secure their cloud systems, with 72% “extremely” or “very concerned.”
The data and insights in CRA’s new cloud report are based on an online survey conducted by CRA Business Intelligence in April 2022 among 303 security leaders and practitioners in the U.S. The survey was sponsored by Invicti and Bishop Fox.
Among the themes that emerged from the findings was a sense that organizations are still trying to assess security strategies even as transitions take place, often learning lessons from incidents that occur in the process.
“Attackers from outside our organization breached our cloud and tried to steal sensitive information about developing products,” said one respondent. “We stopped the attack by shutting down the server, reconfiguring the firewall, and replacing all the tokens.”
Here are some other high-level findings:
- Cloud attacks on the rise. Thirty-seven percent of respondents reported their organization experienced one or more cloud-based attacks or breaches in the last two years. On average, victims experienced an average of four cloud-based attacks since 2020.
- Workloads in the cloud are growing. The number of cloud assets/workloads has grown among companies, with 55% of respondents running up to 50 assets/workloads in the public cloud and 56% putting up to 50 assets on hosted clouds, or about an average of 66 assets in either public or hosted clouds.
- Companies face similar security concerns. When it comes to the top data security concerns in the cloud, respondents cite the following: lack of detection/response, compromised users, misconfiguration, and inability to monitor changes within cloud environments.
Public clouds most prone to attacks
Although 38% of respondents say their organization suffered a cloud attack or breach in the past two years, many report they were compromised on both their hosted and public cloud environments. The vast majority (84%) experienced attacks on their public cloud and 56% were impacted in their hosted cloud environments.
According to Top Threats to Cloud Computing from the Cloud Security Alliance, cloud attacks are largely caused by the lack of visibility and control into hosted and public clouds, including misconfigurations, poor change control, lack of strategic cloud security architecture, and a weak control plane. Others are tied to identity management problems, such as account highjacking and insufficient identity, credential, and access/key management.
“I think one of the key issues is a lack of experience and knowledge for the internal teams,” said another respondent. “We have to rely on the expertise of consultants and then attempt to build our own skillsets through new hires or on-hand experience.”