Unit 42 Cloud Security Trends and Tips


The benefits for enterprises moving to the cloud are clear: greater flexibility, agility, scalability and cost savings. However, adopting public cloud infrastructure can also magnify security risks and compliance challenges. Today, we released the latest report from Unit 42, “Cloud Security Trends and Tips: Key Learning to Secure Your AWS, Azure and Google Cloud Environments.” In this report, Unit 42 looked at new and existing threats to cloud security from late-May through early-September 2018 and analyzed how enterprises are faring as they attempt to balance risk with efficiency.

Among other findings, the report shows:

  • Account compromises are increasing in scale and velocity: Unit 42 research reveals 29% of organizations have potential account compromises, 27% allow root user activities, and 41% of access keys have not been rotated in the last 90 days. Credential compromises are becoming more commonplace, and organizations clearly need to enforce strong governance and access hygiene. Enterprises must operate under the assumption that account compromises are a possibility, and implement monitoring to detect and rapidly respond to suspicious user activities.
  • Compliance is a work in progress: The numbers are undeniable: 32% of organizations publicly exposed at least one cloud storage service, 49% of databases are not encrypted, and 32% of GDPR compliance checks fail—a significant concern in today’s global operating environment. It’s long been known that risky resource configurations lead to high-profile breaches. There are signs of better protection of cloud storage services, but with the rise of sweeping regulations such as GDPR in Europe and the California Consumer Privacy Act, many organizations still have much work to do before they achieve comprehensive compliance and governance across public cloud environments.
  • Cryptojacking may be cooling: Unit 42 found that 11% of organizations experienced cryptojacking activity in their environments—a serious problem, but better than the 25% reported in May. More than a quarter (26%) don’t restrict outbound traffic at all, and 28% of databases receive inbound connections from the internet. It appears that the diminishing value of cryptocurrencies, along with better detection capabilities, is helping decrease cryptojacking attacks. This represents an opportunity to implement greater countermeasures before the next wave of attacks.
  • A bright note in vulnerability management: Just as Spectre and Meltdown caused major business disruption earlier this year, the latest vulnerability affecting Intel processors (L1 Terminal Fault) and the remote code execution (RCE) flaw in Apache Struts 2 are generating headaches now: 23% of organizations have hosts missing critical patches in the cloud. Cloud service providers (CSPs) provide a first line of defense by updating their infrastructures and services, but customers have a role to play in identifying and patching vulnerable hosts—and that can’t be done with standalone vulnerability scanning tools that were not designed for cloud architectures.
  • Containing the container model: There’s no question that container adoption is booming: one in three organizations use native or managed Kubernetes orchestration, and a quarter leverage managed services in the cloud such as Amazon Elastic Container Service for Kubernetes (EKS), Google Kubernetes Engine (GKE), and Azure Kubernetes Service (AKS). Such platforms make it easy for developers to deploy, manage and scale containerized applications. The Unit 42 report finds that 46% of organizations accept traffic to Kubernetes pods from any source, and 15% don’t use Identity and Access Management (IAM) policies to control access to Kubernetes instances. Organizations need to apply network policies that isolate the pods and enforce access control.
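
The access-key and root-user findings in the first bullet can be checked against an AWS IAM credential report. The following is an added example, not code from the Unit 42 report; the sample rows, account ID and user names are constructed, and only a subset of the credential report's columns is used.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

MAX_KEY_AGE = timedelta(days=90)  # rotation window quoted in the report

# Constructed sample in the column layout of an AWS IAM credential report
# (subset of columns; users, ARNs and dates are made up).
SAMPLE_REPORT = """\
user,arn,password_last_used,access_key_1_active,access_key_1_last_rotated,access_key_2_active,access_key_2_last_rotated
<root_account>,arn:aws:iam::111122223333:root,2018-08-30T09:12:00+00:00,true,2017-01-15T00:00:00+00:00,false,N/A
alice,arn:aws:iam::111122223333:user/alice,2018-09-01T08:00:00+00:00,true,2018-08-01T00:00:00+00:00,false,N/A
build-bot,arn:aws:iam::111122223333:user/build-bot,N/A,true,2018-02-10T00:00:00+00:00,true,2018-07-20T00:00:00+00:00
"""

def parse_ts(value):
    """Return an aware datetime, or None for N/A / no_information."""
    try:
        return datetime.fromisoformat(value)
    except ValueError:
        return None

def audit(report_csv, now):
    """Flag active keys older than 90 days and any sign of root usage."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        is_root = user == "<root_account>"
        for n in ("1", "2"):
            if row[f"access_key_{n}_active"] != "true":
                continue  # inactive keys cannot be used to authenticate
            if is_root:
                findings.append((user, f"root access key {n} is active"))
            rotated = parse_ts(row[f"access_key_{n}_last_rotated"])
            if rotated is None or now - rotated > MAX_KEY_AGE:
                findings.append((user, f"access key {n} not rotated in 90 days"))
        last_login = parse_ts(row["password_last_used"])
        if is_root and last_login and now - last_login <= MAX_KEY_AGE:
            findings.append((user, "root console login within 90 days"))
    return findings

if __name__ == "__main__":
    for user, issue in audit(SAMPLE_REPORT, datetime(2018, 9, 10, tzinfo=timezone.utc)):
        print(f"{user}: {issue}")
```
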

Download “Cloud Security Trends and Tips: Key Learning to Secure Your AWS, Azure and Google Cloud Environments” for more security trends and actionable recommendations to protect your cloud environment.

The post Unit 42 Cloud Security Trends and Tips appeared first on Palo Alto Networks Blog.
