Categories: InfoSec News

Report: 4 in 5 companies have experienced a cloud security incident

Published by
RiSec.Mitch

New research from cybersecurity company, Venafi, found that 81% of companies report that they have suffered a security incident in the cloud over the last year. And almost half (45%) report that their organization experienced at least four incidents.

The research looked to highlight the increased operational risk caused by companies migrating more of their applications to the cloud due to the complexity of cloud-native environments.

In fact, Venafi also found that companies currently host 41% of their applications on the cloud. That percentage is expected to rise to 57% throughout the next 18 months. As it rises, the need for robust cloud security will rise too.

Venafi’s research found that a majority feel cloud-based application security should be a shared responsibility between teams. Source: Venafi

With the complexity created by the cloud, machine identities have become a rich hunting ground for threat actors targeting the cloud. Every container — including Kubernetes cluster and microservices — needs an authenticated machine identity to communicate securely, such as a TLS certificate. Security and operational risks increase dramatically if one is compromised or misconfigured.

Venafi’s research also revealed that there is no clear industry standard for which the internal team is currently responsible for securing the cloud. Most commonly, this falls under the remit of enterprise security teams (25%), followed by operations teams responsible for cloud infrastructure (23%), a collaborative effort shared between multiple teams (22%), developers writing cloud applications (16%) and DevSecOps teams (10%). 

There is also not a clear consensus among security decision-makers about who should be responsible for securing the cloud. Cloud infrastructure operations teams and enterprise security teams (both 24%) are among the most popular, followed by sharing responsibility across multiple teams (22%), developers writing cloud applications (16%) and DevSecOps teams (14%).

New approaches to security must make use of a control plane to embed machine identity management into developer workloads, allowing teams to protect the business without slowing production.

For its research, Venafi polled 1,101 security decision-makers at companies with over 1,000 employees. Twenty-four percent of those surveyed were at companies with more than 10,000 employees.

Read the full report from Venafi.

Suggest an edit to this article

Cybersecurity Knowledge Base

Latest Cybersecurity News

Cybersecurity Academy

Homepage

source

Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.

Remember, CyberSecurity Starts With You!

  • Globally, 30,000 websites are hacked daily.
  • 64% of companies worldwide have experienced at least one form of a cyber attack.
  • There were 20M breached records in March 2021.
  • In 2020, ransomware cases grew by 150%.
  • Email is responsible for around 94% of all malware.
  • Every 39 seconds, there is a new attack somewhere on the web.
  • An average of around 24,000 malicious mobile apps are blocked daily on the internet.
Bookmark
Please login to bookmark Close
Social Comments Box
Share the word, let's increase Cybersecurity Awareness as we know it

This post was last modified on 24 October 2022 2:47 PM

RiSec.Mitch

Just your average information security researcher from Delaware US.

Leave a Comment
Published by
RiSec.Mitch
Tags: Cloud security Report

Recent Posts

  • Data Breach News
  • InfoSec News

WH Smith Announces Cyber-Attack: Employee Data Stolen

British high street chain WH Smith has recently revealed that it was hit by a…

2 years ago
  • InfoSec News
  • World Affairs

Voice ID: How Secure is it Really?

As banks worldwide roll out Voice ID as a means of user authentication over the…

2 years ago
  • Cybersecurity Academy
  • InfoSec News

What distinguishes Application Security from API Security?

In the era of digital transformation, cybersecurity has become a major concern for businesses. When…

2 years ago
  • Cybersecurity Academy
  • InfoSec News

The Top 5 Cybersecurity threats facing Businesses Today

In today's digital age, cybersecurity threats have become a significant concern for businesses of all…

2 years ago
  • InfoSec News
  • World Affairs

Enterprise users infected by RIG Exploit Kit thanks to Internet Explorer

The RIG Exploit Kit is currently in the midst of its most productive phase, attempting…

2 years ago
  • Cybersecurity Academy

The Rise and Rise of AI

One of the most transformational technologies of our time, artificial intelligence (AI), has quickly come…

2 years ago