Threats are shifting from cloud providers to developers and users, according to a new report.
As a result of the pandemic’s forced push for remote work and the increasing complexity of cloud workloads, the threats to cloud security have shifted.
Concerns related to cloud service providers’ vulnerabilities were top of mind in 2019, but this year, cloud adopters appear to be the “weak links,” according to the Cloud Security Alliance’s recent report: Top Threats to Cloud Security: The Pandemic Eleven.
In its survey of over 700 cloud industry experts on cloud security issues, CSA found that threats are moving up the stack to user-controlled issues: identity and access management, insecure interfaces, misconfiguration, poor coding practices and a lack of a cloud security architecture and strategy.
The top threat was insufficient identity, credentials, access and key management. Bad actors are taking advantage of self-signed certificates and poor cryptographic management as well as employee fatigue with security protocols. Inadequate identity controls can result in data corruption, exfiltration, ransomware and loss of trust. Proper identity and access management requires user objects be given risk scores that dynamically adjust as requirements change. “Trust should be earned rather than simply providing keys and codes,” CSA said.
The next most cited threat, according to the report, is securing interfaces and APIs. Misconfigured interfaces are a leading cause of security incidents and data breaches, CSA said, allowing data exfiltration, deletion or modification or service interruptions. To help lock down interfaces, organizations should secure the API attack surface, update change management policies and embrace automation to monitor for anomalous API traffic.
Third, misconfigurations and inadequate change control in today’s automated, dynamic cloud environment can leave assets vulnerable to unintentional damage or external/internal malicious activity, the report said. Organizations should deploy technologies that allow them to continuously scan for misconfigured resources so they can remediate vulnerabilities in real-time.
“These security issues are a call to action for developing and enhancing cloud security awareness, configuration, and identity management,” the report concluded. “The cloud itself is less of a concern, so now we focus more on the implementation of the cloud technologies.”