Fugue e Sonatype have carried out a search between 300 engineers developing cloud systems per The State of Cloud Security 2021. The results are troubling: 36% of organizations suffered an attack or has lost data in the past twelve months. Eight out of ten companies are concerned about cloud security, and 64% think the problem will only get worse over the next year.
Cloud security: One in three companies has suffered an attack
Focusing on the cloud in the last eighteen months becomes a necessity when smart working is the new normal. But this increases what technicians call the “attack surface” for hackers. And it makes it easier to make mistakes that lead to data loss. According to the data highlighted by the report, the main reason for the wrong configuration of the cloud are the excessive number of APIs and interfaces to manage (32%). But an almost even number (31%) of engineers think that the control of the system is lacking. 27% think users are not informed on the policies to follow, 32% are negligent.
But in addition to the structural difficulty (both software and human capital) there are new problems to be managed in the cloud. As a major number of false positives (27%), tiredness from always being on the alert (21%) and then the inevitable human error (38%).
There are also problems with training and personal management. 36% of companies struggle to hire and retain cloud security experts. 35% experienced problems with training and education. Half of the respondents say that invests over 50 hours in IaC security (Infrastructure-as-Code) and as many in active monitoring.
96% think the situation would improve by having the same set of policies for IaC and runtime control. 47% would like a better view of the cloud environment while the 43% think automation in control is the way forward.
You can find the full report here.
Leave a Reply
View Comments