Fugue’s new State of Cloud Security 2020 report reveals that misconfigured cloud-based databases continue to pose a severe security risk to organizations.
Cloud misconfiguration remains the top cause of data breaches in the cloud, and the ongoing COVID-19 pandemic is is exacerbating the situation. Almost any organization believes that the transition to cloud infrastructure has created new security vulnerabilities, 84% are concerned they’ve been compromised and don’t know it, while 28% have already been already hacked and are aware of the attack.
Unfortunately, even if the awareness of the security risk has increased, companies are not able to avoid exposing their cloud servers online due to a misconfiguration or a security breach.
According to the report, the top causes of Cloud Misconfiguration were the lack of awareness of cloud security and policies (52%), the lack of adequate controls and oversight (49%), the presence of too many APIs and interfaces to adequately govern (43%), and negligent insider behavior (32%).
When dealing with challenges in managing Cloud misconfiguration 46% of surveyed organizations believe that Human error in missing critical misconfigurations is the main issue, while 45% believe that human error when remediating critical misconfiguration represents a major problem to address. 43% of the organizations face difficulties in training team members on misconfigurations.
The misconfigurations have a great impact on the companies in term of cost of managing Cloud Misconfiguration. 47% of the surveyed organizations spend more than 50 hours per week teams in addressing the problem.
The majority of the organizations believe that they need automated detection and remediation to address
Cloud Misconfiguration (95%), while 30% aims at obtaining a better visibility into cloud infrastructure.
Most of the incidents are caused by unauthorized access to instance or databases (52%), while object storage breaches account for 32% of the incidents.
Let’s close with the type of Cloud Misconfigurations, according to the survey, 44% are related to Security Group Rules (or firewall rules), 40% Identity and Access Management, 36% are related to encryption at rest which is disabled.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, Cloud misconfiguration)