› Forums › Security › News (Security) › IaaS and Cloud Native Breaches: Why companies are at risk
Tagged: SecureElement_H11, Security_S12
- This topic has 1 voice and 0 replies.
-
AuthorPosts
-
-
November 15, 2019 at 5:16 pm #36584
#News(Security) [ via IoTGroup ]
Headings…
IaaS and Cloud Native Breaches: Why companies are at risk
Must-Read Cloud
Cloud Insights Newsletter
Also see
Python is eating the world: How one developer’s side project became the hot
How iRobot used data science, cloud, and DevOps to design its next-gen smarAuto extracted Text……
Infrastructure-as-a-Service (IaaS) is at a great risk for Cloud-Native Breaches, with 99% of misconfiguration incidents in public cloud environments going undetected, according to a McAfee report released today.
But in the rush to adopt IaaS, many companies have overlooked the need for security, assuming the cloud provider was handling it.
As a result, there have been numerous Cloud-Native Breaches (CNB), which are an opportunistic attack on data left open by errors in how the cloud environment was configured, or misconfigurations.
However, the rush to adopt this growing technology leaves security as an afterthought, with 99% of cloud misconfigurations going undetected by companies, McAfee’s Cloud Native: The Infrastructure-as-a-service (IaaS) Adoption and Risk report found.
“Cloud misconfiguration is one of the most preventable, yet common security issues cloud customers face,” said Sekhar Sarukkai, vice president of engineering for cloud security at McAfee.
Cloud infrastructure, or IaaS, is the most configurable, which introduces a higher risk of misconfiguration than SaaS.”
Rather, the report identified a cloud-native breach as “a series of actions by an adversarial actor in which they ‘Land’ their attack by exploiting errors or vulnerabilities in a cloud deployment without using malware, ‘Expand’ their access through weakly configured or protected interfaces to locate valuable data, and ‘Exfiltrate’ that data to their own storage location.”
This complacence reflected by our finding that only 26% of companies can currently audit for IaaS misconfigurations with their existing security tools.”
“Additionally, most organizations are multicloud, meaning they use multiple cloud service providers for infrastructure, increasing the difficulty of auditing configurations across multiple platforms,” Sarukkai said
Read More..
AutoTextExtraction by Working BoT using SmartNews 1.0299999999 Build 26 Aug 2019
-
-
AuthorPosts
- You must be logged in to reply to this topic.