The attack surface is expanding with the cloud. Are you leaving your cloud open to attacks?
Palo Alto Networks has published the Unit 42 Cloud Threat Report, Volume 7, which takes a comprehensive look at the current cloud security landscape based on data collected over the past 12 months, including:
- Examination of real breaches that impacted medium and large-size companies,
- Evaluation of issues observed in thousands of multi-cloud environments
- Analysis of the impact of open-source software (OSS) vulnerabilities on the cloud
With the rate of cloud migration showing no sign of slowing down—from US$370 billion in 2021 and predicted to reach $830 billion in 2025 – organizations are at risk of falling victims to cloud-related attacks and exploitations due to cloud vulnerabilities.
Highlights from the report include:
- Security alerts are resolved in 145 hours (approximately 6 days) on average
- 80% of the alerts are triggered by just 5% of security rules in most organizations’ cloud environments
- 63% of the codebases in production have high or critical unpatched vulnerabilities
- Multi-factor authentication (MFA) is not enforced for cloud users in many organizations
- Sensitive data are found in 66% of storage buckets and 63% of publicly exposed storage buckets
- Organizations find code dependencies management quite challenging
- Updated Cloud Threat Actor Index: New cloud threat actors and activities
- Breakdown of two cloud breach incidents Unit 42 IR team handled in 2022
Check out this infographic for the key figures on cloud security today.