State of Security: How Pros Address Daily Cloud Security Challenges

August 4, 2021
Vectra AI Security Research team
State of Security: How Pros Address Daily Cloud Security Challenges
AWS statistic: 99% of cloud security breaches will have root because of customer mistakes

When you hear Gartner state that through 2025, 99% of all cloud security breaches will have a root cause of customer misconfigurations or mistakes, you can’t help but wonder—what is it that the experts and analysts know that customers don’t? Security teams are certainly aware of today’s cyber threats, whether that’s ransomware, supply chain attacks, or account takeovers. Organizations are keen on taking the necessary steps to make life difficult for attackers by deploying all the right endpoint and perimeter security along with multi-factor authentication (MFA).

There’s just one problem with that approach: none of these tools will help secure what happens in the cloud, and they are all prevention-centric. Okay, that’s two. Even the added measure MFA provides gets bypassed by cybercriminals on a regular basis (and don’t get me wrong, your organization should use MFA, but there is no silver bullet).

To gain more insight about how teams are securing their IaaS and PaaS environment, we recently surveyed hundreds of security professionals who work to secure the Amazon Web Services (AWS) cloud in their roles each day. You can see the findings in the State of Security Report: PaaS & IaaS—More People, More Access, More at Stake, where CISOs, security architects, and DevSecOps alike shared their experience and insight about how their organizations address the security of AWS deployments.

Go ahead and download the free report as there are some key takeaways that help explain many of the priorities and challenges organizations face when securing their cloud environments. Some of the highlights include:

Securely configuring the cloud remains a challenge

Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) have been foundational for DevOps engineers as IT teams head for cloud-native architectures as a solution to handle today’s always-connected businesses. However, visibility is lost when services move to the cloud which can leave you blind to compromised accounts, roles and abuse of misconfigurations, which all increase risk. The survey found that a surprisingly high number of responding organizations don’t have formal deployment sign-off, meaning people have access to make modifications without a process in place.

AWS statistics: 30% or organizations have no formal deployment sign-off before pushing to production and 40% of organizations have no DevSecps workflow

Companies are Investing heavily in security

With the rise of DevSecOps, there’s no doubt that organizations are continuing to prioritize security. Over half of those surveyed have over 10 employees in their Security Operations Center (SOC). We also found that both security and DevOps personnel are looking for more ways to be proactive and preventative in their roles, which shows that it’s not just the security folks who are prioritizing keeping assets safe.

Teams are looking for expanded coverage

There’s a sentiment expressed in the report that organizations are looking for coverage beyond the three basic AWS services. In fact, according to the findings, 71% said they need a solution that covers more than what is currently available from their cloud service provider.

These are just a few of the findings. Download the full State of Security Report: PaaS & IaaS—More People, More Access, More at Stake to get all the details.  

If you’d like to see and stop threats against your AWS environment, get a demo here!