 back to blog

5 Areas Exposing Your AWS Deployments to Security Threats

August 18, 2021
Please note that this is an automated translation. For the most accurate information, refer to the original version in English.

Let’s be honest, the cloud has come at us fast this past year—especially if you’re a security practitioner. Like lining up to race Usain Bolt in the 100 meters kind of fast. Only he’s the cloud and you’re trying to keep up. As soon as you get set, he’s already crossed the finish line and is onto the next deployment. What do you defend? Where do you focus your efforts and resources and how do you make sure all of your services are secure when you know threats are lurking?  

And it’s not that they’re just lurking, we recently surveyed hundreds of security professionals who work to secure Amazon Web Services (AWS) and found that every participating organization had experienced a previous cloud security incident. The full findings are in the latest State of Security Report that provides insight from CISOs, security architects, engineers and DevSecOps professionals who share how their organizations are utilizing and securing AWS.  

You’ll discover how organizations are utilizing Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) across AWS to rapidly develop and deploy workloads, while security teams are often struggling to keep up with potential vulnerabilities. In addition to the free report, you can also take a look at the five cloud security blind spots that were uncovered as well. But for now, let’s get to the 5 exposure areas in cloud deployments that can leave your organization susceptible to threats like ransomware.  

1. Customer misconfigurations or mistakes

AWS Cloud statistic: Through 2025 99% of cloud security failures will fall on the customer

While the benefits of greater speed and agility that come with the cloud enable faster delivery of applications, these advantages need to be balanced against security risks that arise from increasingly complex and constantly evolving deployments. In fact, Gartner states that through 2025, 99% of all cloud security failures will fall on the customer. Misconfigurations or mistakes are inevitable but by utilizing artificial intelligence (AI) you’ll gain visibility into account creation, account changes and how services are being used to identify when something isn’t right.  

2. More people, more access, more risk  

AWS Cloud statistic: 71% of organizations have more than 10 people accessing AWS

The report findings reveal that 71% of participating organizations have more than 10 users with access and the ability to modify the entire AWS infrastructure. With more users granted access to AWS, risk exponentially increases as even one compromised account by an attacker would spell disaster. The challenges of securely configuring the cloud are expected to continue for the foreseeable future due to sheer size, scale and continuous change.

Infographic: Securing IaaS & PaaS: Today’s Reality

3. No formal deployment sign-off

AWS Cloud statistic: 64% are deploying new services on a weekly or daily basis.

The cloud has expanded to such an extent that securely configuring it with continued confidence is nearly impossible. Almost one-third of organizations surveyed have no formal sign-off before pushing to production, and 64% of organizations are deploying new services weekly or even more frequently. Not having a set sign-off procedure in place doesn’t always mean security isn’t prioritized, but it’s important that security teams are involved in deployments and ideally would be part of a formalized sign-off process.

4. Services with a high possibility of exploitation are being implemented  

AWS Cloud statistics: 71% of those surveyed use 4 or more services while only 29% use only S3, IAM and EC2

The survey cites that 71% of respondents use more than four AWS services, leaving themselves even more vulnerable to exploitation, while only 29% use three AWS services—S3, EC2, IAM. This shows that organizations are blind to threats in the services that aren’t covered with native security controls offered in the bottom three services. We also found that 64% of DevOps respondents are deploying new services at least once a week. As enterprises move their high-value data and services to the cloud, it’s imperative to control cyber-risks that can take down their businesses.  

5. Different regional consoles need to be investigated separately  

AWS Cloud statistic: 40% of organizations are running AWS across threat of more regions

Data shows that 40% of participating organizations are running AWS across three or more regions. The challenge here is that native threat detection tools offered by cloud service providers require a single console for each region, so security teams have to manually investigate the same threat in each regional console. Attacks are rarely confined to one region as well, which puts organizations at a disadvantage during detection efforts because they lose a holistic view. In this case, native tools will only hold them back and may augment the risk of a successful breach.

By making sure your bases are covered in these areas during your cloud journey, you’ll be in much better position to reduce the risk of compromise and exposure to today’s ransomware attacks. 

And, if you’d like to see and stop threats against your AWS environment, get a free 30-day trial, today!

Want to learn more?

Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure – both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization.

If you’d like to hear more, contact us and we’ll show you exactly how we do this and what you can do to protect your data. We can also put you in contact with one of our customers to hear directly from them about their experiences with our solution.

Get in touch