In 2020, the RSA Conference still took place in San Francisco, but this year’s event was held virtual with the ongoing pandemic restrictions. The previous physically held conference in February 2020 saw plenty of exciting new research published, which we discussed at the time, focusing especially on cloud security.
Now, we decided to take a look at new data and see how things in the world of the cloud have developed from early 2020 to August 2021. It looks like the challenges remain the same, but have likely been exacerbated by the pandemic years.
Lack of cloud skills and staff resource
Firemon surveyed over 500 IT and security professionals whose work is related to securing cloud environments. Nearly 60 % of respondents were concerned about their skills to ensure their enterprise services in the cloud are secure.
A 2021 research by CSA and Algosec on cloud security concerns and challenges points toward similar findings. Employees' expertise and resource are key questions when it comes to cloud adoption: 47% of respondents were concerned about staff lacking cloud expertise, and 32% were afraid there was not enough staff to manage the organization’s cloud environment.
Employee expertise and sufficient staff were in a previous survey at the lower end of the of spectrum of concerns, but have now risen to second and fourth on the list, respectively. The report notes that the reasons are potentially tightly tied to the pandemic: the shift to remote work has been major and many organizations may still experience challenges addressing their employees in the new normal of 2021.
Misconfiguration causes security problems
The 2020 study by Firemon highlighted misconfiguration as an important source of cybersecurity problems. Configuration issues were also raised by respondents in the 2021 CSA report as both a concern and a factor in incidents. “Configuration and security settings” were the third ranked concern when running applications in a public cloud; after cloud provider issues (26%), misconfiguration was the second most common answer (22%) when asked factors that had contributed to organizations’ cloud outages.
To back these studies up, DivvyCloud's 2020 Cloud Misconfigurations Report that compiles data from 2018 and 2019 data breaches, pans the “move fast, fail fast” phrase as it seems to result also in getting breached fast. The report summarizes the reasons behind cloud security misconfiguration to four main problems: inexperienced users, outdated security models, lack of visibility, and an exceptional scale and scope of change.
The list is not surprising since the cloud platforms evolve at such a rapid pace that it can be challenging to keep up with all the new features and educate yourself.
The report pans the “move fast, fail fast” phrase as it seems to result also in getting breached fast
Security practices lag behind the work culture – but pandemic can also boost insider risks
In its 2020 report, Code42 found that the most typical way to share data with another organization was email (38 %), but cloud collaboration platforms were not very far behind with their 31 % share. Workers also admitted to using unauthorized cloud services for data sharing. The reason for avoiding tools with company approval ranged from slowness, restrictiveness, to lack of features.
In their 2021 follow-up to the report, Code42 notes that insider risks and the probability of file leaks have drastically increased with the unprecedented leap to remote work. According to the report, employees are 85% more likely to leak files than they were pre-COVID.
The report says that the biggest blindspot when it comes to insider risks, is files moving from endpoint to cloud services and applications. 53% of security teams cannot follow if a user moves files to domains that are not trusted and 56% have no historical context when it comes to user behavior, making it hard for them to evaluate when employee starts to become an insider risk.
At the same time, the report found that more than half of IT security leaders reported receiving complaints weekly or daily from employees who were blocked from legitimate access or activity to files. Data and file synchronization to personal accounts and the increasing demand for being to work anytime, anywhere, and a more rapid pace of changing jobs makes it difficult for all companies to keep up with the security practices.
The survey results point toward security teams needing to find and develop new ways to ensure they do not inhibit productivity, but can pinpoint genuine risks accurately. It may feel awkward to distrust your employees, but insider threats should not be whisked away.
Learn how to improve your cloud security
Are you concerned about the state of your cloud monitoring and visibility, security policies, or identity and access management to help tackle insider threats? The findings in these reports are not exactly new but a trend that keeps growing, and it’s good to have facts and figures to back up the message that cloud security is something to which you should pay attention. Luckily, there’s a lot you can do to improve your cloud security and minimize risks. Download our whitepaper, Your to do list for a secure cloud, and learn how to secure your cloud environments.
Would you like to stay up to date with the new cybersecurity trends? Subscribe to the Nixu newsletter.