What worked well to protect a non-digitalized infrastructure may not cover all the bases when an organization goes cloud-native.
Under pressure to modernize and innovate fast amid the turmoil of the pandemic that started in 2020, digital transformation via cloud computing has exploded. However, more than half of organizations surveyed in the region were unsure if their cybersecurity defenses on cloud platforms were strong enough to combat hackers’ continually innovative strategies.
Here are some of the key cloud security threats that organizations in the region should consider as they shore up their defenses. Firstly, malicious actors will still use low-effort but high-impact strategies to gain access to cloud applications and services. They will also continue to compromise SaaS applications and services via unsecured secrets, unrotated access keys, insecure container images obtained from untrusted sources, and immature or poorly implemented identity and access control management policies.
Also, note that:
- Malicious actors will continue to exploit known vulnerabilities from past years because many environments are still not patched. On top of exploiting new vulnerabilities that will be discovered in the coming year, they will continue to use old ones that still work.
- On the other hand, cybercriminals will also be following technology trends. Any technology that gets widely adopted, such as Java and WebLogic, becomes a lucrative target for attackers. The recently disclosed Log4j vulnerability should be taken as a sign of years of exploitation to come.
- Attackers will increasingly target DevOps tools and pipelines in cloud integrated development environments. They will be waging more campaigns using DevOps principles on supply chains, Kubernetes environments, infrastructure-as-code deployments, and pipelines. Developers are expected to become the direct targets and initial entry points via supply chain attacks.
- Lastly, cloud-first smaller businesses do not have dedicated security teams to identify potential gaps in the network. Even when they do, such teams are likely to be constrained by limited funding, with cybersecurity treated as merely an operating expense. Because of their budget constraints, many smaller organizations will make securing endpoints their top priority, rather than according cloud infrastructure security an equal ranking.
Sprucing up cloud-first security
Taking these trends into account, business leaders can follow a three-step regime.
- First, they need to go back to security basics. It may seem deceptively simple, but adhering to security best practices can help organizations combat the majority of old and new threats. Malicious actors will continue to exploit old vulnerabilities in systems and applications, so it is important for organizations to be on top of their patch management policies. This will help them avoid data breaches and, subsequently, costly fines and reputational damage. Enterprises should also understand and apply the shared responsibility model and regularly encrypt critical data.
- Secondly, the zero trust model will continue to be the fundamental approach to ensure cyber resilience. An organization’s security posture can be significantly improved by applying the zero trust model.
- Lastly, as organizations rely almost completely on cloud computing, they need to prioritize infrastructural visibility. With employees accessing cloud applications, services, systems, and databases remotely, it is important for organizations to bring visibility to the fore to help fortify their cybersecurity defenses. Security teams must be aware of all cloud providers, accounts, and services in order to keep an eye on them and make sure that they are configured as securely as possible. This will help minimize the risk of unintended exposures and misconfigurations.
While the cloud undoubtedly brings benefits, organizations that do not start thinking of cybersecurity at a cloud-appropriate level may ironically become more vulnerable.