Hello, everybody. And welcome to the introduction to Cloud Security. My name is Nicholas Moy. We're going to point Thio the one and only see essay the Cloud Security Alliance for the top cloud security threats. Now, these are the treacherous 12 and we call them
the treacherous 12 R C. S A. Calls them that because
uh, common or the top most common cloud security threats that's you might experience when using the cloud. And I have seen these firsthand. I think that anyone who
has been spending any amount of time in the cloud whether you work in security or you're just working, you know, administrative task or or data handling in the cloud. You probably have experienced these to some extent. And part of the reason why is, you know, user error. It could be a lack of security control, lack of know how things like that.
But, you know, first of all, the one thing that we're gonna focus on is as data breach. So data breach is a big one, and this is gonna be a big one, regardless of whether you're in the cloud or you're not. This is really not so different if somebody were to breach your information on premise.
Basically, you want to make sure that your information is kept secret. You don't want to make sure you don't want to have any of that data leaked out into the public because that can cause harm to your organization. So that is one of our top concerns. And unfortunately, it's also one of the most vulnerable or one of the largest threats
to the cloud. And part of that's because people don't
no or don't understand how to secure their data in the cloud. Or maybe they forgot to implement the correct security controls where they got it confused. So, really, having a good understanding of the security controls the best practices on how to implement security in the cloud based on whatever Avenger you choose,
it is vitally important,
and moving on to the next is gonna be weak identity credential and access management. So
access management obviously is one of the security controls. When going into the cloud, it's it's basically the handling of who has access to what's and making sure that that that ax, especially if it's root access or admin axis, is not gonna be exploitable to, ah, hacker or script kiddie. Who wants to get in and have fun?
Um, if you don't do things like us, uh,
enable multi factor authentication were, um, sets, complex password policies and password rotation policies. Things like that. That's weak identity. That's we credential and access management. And unfortunately, that is going thio put you in a bad position, especially being one of the top six
security threats and and and one of the things that you really should be looking
four as an organization if you're moving into the cloud, so make sure you keep that in mind.
Number three has to deal with insecure application programming interfaces. Now, if you're just using the cloud for, ah Dragon drop data redundancy, data storage. This may not be such a big issue for you, but as you're building more complex integrations into the cloud, maybe you're building an application and you're
incorporating different Cloud Service is together on premise off premise. Whatever
AP eyes could be a thing that you need to make sure that you're securing, so
make sure you keep that in mind. Number four on our list ISS system and application vulnerabilities So when we're talking about this, we're talking about your operating systems were talking about zero day vulnerabilities, things like that. Really. The best way to go about this is to make sure that whether using a cloud server instance where you have an on premise, sir, for instance, and
it's connecting to the cloud,
make sure that's all of your software. All of your operating systems are patched, making sure that you have the correct firewall implemented that you have only the necessary protocols. Accessing inbound and outbound
outbound traffic and making sure that you know you got your anti malware software running and you're consistently checking for any threats that may pose an issue to any of your systems or your applications.
Number five on our list has to do with account hijacking. Now this is going to fall back Thio the week Identity credential In access management, make sure that your accounts are staying secure. Make sure that you also are removing any accounts that are not being utilized. You know, if you have
an employee who got fired or maybe moved on and they had access to your cloud Ah, your cloud infrastructure. Make sure that that user has been deleted or has been disabled That way, any person
ah, who might want Thio attack your your applications or might wanna attack your infrastructure.
They can't exploit that for gotten
accounts in order to do so.
Malicious insiders is another posing threat that sits as number six on our list here. And basically, this could be somebody a disgruntled employee from the inside who decides. Hey, I'm going to cause havoc in the cloud. Maybe he's going to delete data
or try to alter the data or, uh,
walk it down, Or maybe maybe even share it with a competitive er er this could be This could be a
Any of these attacks I just mentions, could easily be done by malicious insider and can cause a lot of damage to your organization. So make sure that you are giving on Lee there correct permissions to the correct people and that you don't have just anybody do whatever they want in the cloud. That way, you
save yourself the heartache.
Number seven on our list has to do with advanced. Persistent listed as number seven. On our lists is advanced, persistent threats. Now, when you're dealing with large scale infrastructures and the cloud or integrating infrastructures on premise and in the cloud, this could be something that is easily overlooked. Luckily,
it's not very common in its its is number seven on our list.
Basically, it's when an attacker can gain foothold into your your cloud infrastructure,
and they just stay there covertly doing things minor in the background until maybe they're leading up to a large scale attack. Or they're trying to secretly, ah, siphon information out ends, do something harmful to your organization That way, so good waited to mitigate This is to make sure that's
a you only have the correct users
accessed in their Seeger constantly auditing your identity and access management users groups and and rolls and making sure that you have the correct policies and security safeguards in place to only allow that data to the correct
programs. The correct service is in the correct users. That meat that
number eights is data loss. This is self explanatory. Obviously, you wanna have you wanna have durable data making sure that's your data is successful at all times. Whether ah hacker comes in and tries to steal your data or delete your data or or you have data loss due to
natural disasters. Either way, this can cause a major issue and a major frustration to your organization.
So you want to make sure that you have high availability, and that basically means having their redundancy across multiple data centers or multiple availability zone. So making sure that when you do use the cloud that you have that implemented and make sure that's, ah,
you haven't restricted your data to one's own when you need it to be accessible to multiple zones and things like that, Number nine has to do with insufficient due diligence. Basically, what we're talking about here is really what we're talking about here is maybe we have an overly ambitious senior management team who's ready to start adopting cloud technologies into there.
part of the reason that we've been talking so much about choosing the correct cloud vendor, it's because of this very reason
you want to make sure that when you're signing up for a Claude vendor that you're signing up for the appropriate service is to make sure that you're not getting into any trouble with regulated organizations or
making sure that you don't run it in any issues when it comes to contracts, and that's really where insufficient due diligence comes through. If you're just signing papers left and right, you don't really know you have really done. Your research on the service is that you're you're paying for. You can get yourself in a bind, are really just locked in
to that specific cloud vendor and really do yourself a disservice, especially if that cloud vendor
is a fairly new Claude vendor out there. They don't have a lot of, uh, they have a lot of experience. They haven't really been out of the market, and they don't really have a lot of
security controls or or just a lot of availability to make sure that you were able to get what you need. You don't have that flexibility to move to and from as needed in order to, ah, to use the cloud appropriately. So make sure that's when you're using the cloud whenever you're moving into the cloud
that you have done your due diligence to make sure that that's the correct cloud vendor that the service is that they're offering
and the locations that they're offering those service's are appropriate for your organization. Ultimately, this is about your organization's business strategy or your end business goals, and making sure that the cloud is going to compliment that and not hinder that
number 10 on our list has to do with abuse and nefarious use of cloud service is now. If your organization and you're trying to adopt Claude models, this may not necessarily apply to you, but this is still considered a top cloud security threat. Basically, what this is is you know, people signing up for cloud accounts and and ending up using.
And they try to use those accounts for
maybe hacking or trying to send out de dos attacks to other other organizations and things like that.
And that's not something that you want to d'oh
if you haven't organization and you're just trying to adopt cloud service is that's not really something that I would be worried about. But if you are the organization that maybe something you wanna worry about from the Attackers, maybe they want to spend a bunch of easy to insists is and try to de dos you and just ah and try toe just kick the bucket and leave the
cloud platform that before they get charged for it or whatever.
Um, this is obviously going to be against the policies of the cloud vendor, and this is something that you can actually check with the security of the cloud vendors that I know that eight of us, they make sure that de dos ing is prevented. They have a lot of security controls in place to prevent those things from taking
from taking place on any of your instances. And making sure that's
your service is our staying available at all times. But it's still something to keep in mind and make sure that you're reading up on, especially if you choose a cloud vendor that may not be so well established, like eight of us, Azure or Google Cloud Platform
number 11 on our list has to do with denial of service is which something that we kind of touched on. We're talking about the abuse and a ferry. Issues of Cloud service is basically this is when the Attackers can use cloud service is to attack other
people. Whether that's a target, that is, you know, on premise, maybe they're not using the cloud at all.
Or maybe it is to attack other people within the cloud. Um,
this is something that is not necessarily a large concern. As you can see, it's towards the tail end of our list here of top security threats. But it's still a threatened on the nonetheless, especially if you're using a cloud provider who is not as well established us some of the big ones as I mentioned before. Eight of us and the other,
ah, large scale cloud providers they
they offer, um, security controls that are already in place. To prevent these things from hindering you
and hindering your service is that you've deployed into the cloud, so it's not really a big deal. It's another great reason to go with one of those service's are those providers. But, you know, for those smaller companies that we didn't talk about earlier in this section,
they may not have those provider. They may not have those security controls, and so you want to make sure that that's something that may not be of high importance to you or that you're not really worried about. So just make sure you keep that in mind and the last ah security threat that we need to be concerned about is the shared technology issue.
So really, what we're talking about here is making sure that you're okay with being in a multi tenant environment. Obviously, this isn't gonna be that big of a deal if you have a dedicated instance. We're dedicated server that you're using, whether that's on prem or off prom if you're going basically, if you're going private cloud,
this may not necessarily apply to you, but if you are going with the public cloud or you are going with a hybrid cloud deployment, this is something that you should keep in mind. Make sure that you are okay with having your information shared on technically the same server as a bunch of other people.
Just keep in mind that you have your own isolated environments
eight of us or azure or G, C, p or any of those other large scale cloud providers. They are going to to do everything that cake they can to secure it. And ultimately they will be liable if that information gets leaked butts. You know, you're not always 100% positive that your information is gonna be secure.
They can promise you 99.99999%
You still have the possibility of getting attacked or losing that information. And that's just a risk that we have to take.
Is that gonna happen? More than likely not, but it's not impossible. Make sure this is something that is okay with whatever type of governing regulation program that you're following. What are the type of compliance we're going with us? Hip P. C I, or things like that. Make sure that
those programs will follow suits and and be okay with you doing this as well.
Art, everybody. That about wraps up this section on the top cloud security threats. If you are interested in learning more about this, if you're interested in learning more about the Cloud security alliance and the the top uh, the treacherous 12 the top 12 security threats,
I'm going to attach the documents to see essays.
Ah, treacherous 12 pdf in the resource is section of this course. And if you're interested in learning more about the cloud, maybe more. About eight of us actually teach on AWS. Have a course on cyber that teaches you the basics and actually gets you started with the very 1st 8 of US certification, which is tthe e
certified cloud Practitioner,
cert. So if you are interested in learning about eight of us and really getting your feet wet in the cloud, I do encourage you to jump over there and take that court. That course will prepare you to take and pass the exam. I'll walk you through step by step. We go through all the security controls we go through.
The different types of service is more in depth. CEO gets learned about compute and storage and data basing and everything like that
and managing your users and your security policies and things like that in the cloud.
And ultimately, you'll you'll know what you need to know in order to get the exam passed and get that certification and ultimately start using the cloud in your organization. So it's a great way to get started