Report Shows Cyber Attacks on Cloud Services Have Doubled
As cloud services increase in popularity, a worrying cybersecurity trend has emerged. According to the 2020 Trustwave Global Security Report, the volume of attacks on cloud services more than doubled in 2019 and accounted for 20% of investigated incidents. Although corporate and internal networks remain the most targeted domains, representing 54% of incidents, cloud environments are now the third most targeted environment for cyber attacks.
As digital transformation drives cloud adoption, these alarming statistics underscore that a different approach is needed to reduce the new and evolving set of risks associated with the cloud.
Cloud services complicate security performance management
The cloud substantially grows the corporate digital footprint far beyond its usual digital perimeter. As such, organizations often lack visibility into the inventory of critical assets in their cloud ecosystems, as well as the risk associated with those assets.
This challenge is compounded by the cloud shared security model. Organizations must understand the model for every cloud vendor they work with and configure each cloud instance securely. If they don’t, they open themselves to cyber risk. Furthermore, traditional cybersecurity assessments used for on-premise environments can be difficult to scale. This makes it hard for security teams to discover and determine how well they are securing their cloud-hosted assets — and what portion of the risk they own and manage versus their cloud providers.
As the Trustwave report shows, it’s more important than ever that organizations achieve broad and continuous visibility into all assets across their digital ecosystems. They need insight into unknown malware infections, outdated security certificates, exposed ports (such as those exposed by the BlueKeep exploit in 2019), SSL misconfigurations, bad web application headers, and so on.
In an on-premise environment, this really comes down to basic security hygiene — but in the cloud it’s far more complex. Bitsight Attack Surface Analytics can help security teams overcome the challenges of managing cyber risk across their expanding digital ecosystems.
Monitor risk hidden in cloud environments
Bitsight Attack Surface Analytics gives security teams continuous, broad visibility and context into their attack surface in the cloud. Security managers can understand the risk profiles of all cloud-hosted assets, even across subsidiaries and acquired companies.
A centralized dashboard outlines the location of all assets — broken down by their cloud providers — and shows the corresponding cyber risk associated with each individual asset based on the number of material/severe findings. These findings can reveal areas of weaknesses in an organization’s security programs and failed security controls that expose them to risk.
Understand cyber risk in context
For businesses to get the greatest cybersecurity ROI out of their initiatives, they must allocate resources based on the criticality and level of risk associated with each asset. For instance, a top priority could be remediating any incidents that involve a critical asset with a high risk of being breached. But with an ever-expanding cloud footprint, making these prioritization decisions can be difficult. Identifying the most severe security events often involves filtering through multiple technology solutions and massive amounts of data.
With Bitsight Attack Surface Analytics, you gain unprecedented visibility into your digital ecosystem. Powerful analytics data gives you the context you need to better understand which assets are properly secured — and which represent the greatest potential for security risk — empowering you to make informed, comparative remediation decisions.
The solution also layers additional context into map-based views, such as geographic location. Managers can be alerted to unauthorized cases of servers spun up in the cloud, such as an AWS instance in China, or other cloud instances that aren’t listed in the organization’s inventory of contracted vendors. Security teams can also determine the precise location of a vulnerable asset, such as an instance in Germany that may be misconfigured, and quickly move to remediate that risk. They can also prioritize remediation efforts by ranking the importance of assets by cloud provider.
Additionally, Bitsight Attack Surface Analytics provides visibility into multi-cloud environments. Security teams can compare the cybersecurity posture of multiple AWS deployments, or the security of AWS in comparison to a Google Cloud or Oracle instance and bring them into alignment.
With the additional context that Bitsight Attack Surface Analytics provides, it’s easier than ever to focus remediation efforts and align security policies across the digital landscape.
Get one step ahead of opportunistic threat actors
Cloud environments are emerging as a lucrative target for threat actors seeking to exploit confusion about the shared security model and a lack of organization-wide understanding of security performance and risk.
To alleviate these challenges, organizations must have comprehensive and continuous visibility into their digital footprints. Only with this insight and context can they take the first step towards establishing an effective security program — before opportunistic threat actors strike.