The prevalence of cloud misconfigurations, complexities and observability issues were some aspects examined in an international survey. Here are some findings…

Through a March 2023 online survey of 825 IT and cybersecurity professionals at large enterprises in the US, the UK, Germany, France, Australia, Mexico, India, Brazil, Japan, and Saudi Arabia on modern IT and cybersecurity challenges, the following findings were reported.

Firstly, cloud infrastructures, including public, private, and hybrid models, were considered by respondents to be a great source of cyber risk, in the following order: among the countries surveyed in the region (70%); in Latin America (66%); in surveyed countries in Europe, the Middle East and Africa; and in the US (62%).

Of the respondents in the countries in the (Asia Pacific) that considered their cloud infrastructure to be a serious source of cyber risk, 46% selected “inadequate visibility into potential misconfigurations within their cloud infrastructure” as their responses.

Secondly, in addition to specific cloud security concerns, 57% of respondents representing the parts of APAC surveyed cited a “lack of data hygiene in user data and vulnerability management systems” that could prevent employees from making prioritization decisions.

Thirdly, 31% of respondents representing the APAC countries surveyed cited they were being consulted early in cloud service selection and deployment processes. This was considering that 37% of the regional  respondents citing that their business and engineering teams had purchased and deployed cloud services without the knowledge of cybersecurity teams.

According to Nigel Ng, Vice President, Tenable Inc. (APJ), which commissioned the survey: “The evolving complexity of cloud infrastructures demands a proactive security posture,” alluding to the risks of cloud misconfigurations and overlooked assets due to the reliance on multiple cloud systems, identity and privilege management tools, and web-facing assets. “This proactive approach is vital for organizations to stay ahead of the rapidly changing cyber threat landscape and secure their cloud infrastructures effectively,” Ng said.