In an era driven by cloud computing, organizations need to be prepared to manage an increasingly dynamic attack surface. However, many security teams are struggling to secure ever more complex cloud environments.
New research released by Palo Alto Networks finds that the vast majority of security exposures are present in cloud environments at 80% as compared to on-premise at 19%. This highlights that the cloud is a key part of the modern enterprise attack surface.
The study also highlighted that securing the cloud is challenging because infrastructure is constantly changing. For instance, nearly 50% of high-risk, cloud-hosted exposures each month were a result of the constant change in cloud-hosted new services going online and/or old ones being replaced.
Unfortunately, it also appears that threat actors are well aware of the exploitability of cloud assets, with CrowdStrike identifying a 95% increase in cloud exploitation in 2022.
Why the Cloud is the New Frontier
The cloud has become the dominant attack surface not just due to its complexity but also due to the fact that many organizations are struggling to find qualified professionals to secure cloud environments.
According to a Microsoft survey, 38% of UK respondents who have been engaged in recruiting individuals with cloud skills over the past 12 months reported encountering challenges in finding the appropriate skill set.
This shortage of expertise has left many organizations unaware of key exposures, misconfigurations, and vulnerabilities in public, private, and hybrid cloud environments.
For instance, many organizations lack knowledge of all the certificates and keys used within their environments, which leaves them vulnerable to exploitation.
The struggle to secure the cloud is reflected in the fact that 39% of businesses experienced a data breach in their cloud environment last year, up from 35% the year prior.
What’s the Solution?
While securing the cloud is a tall task, one of the fundamental steps that organizations need to take is identifying where data lives in the cloud. Once they do, they can start to map what human and machine identities have access to this information and begin implementing access controls to protect it from unauthorized access.
It’s worth noting that machine identities outweigh human identities by a factor of 45x, and 68% of machine identities have access to sensitive data and assets. This is such a high volume that manual approaches aren’t enough to keep up with the volume of identities accessing protected information on a daily basis.
Instead, organizations must turn to automated solutions that provide the ability to automatically discover and classify data stored in the cloud, as well as what data has access to it.
Once a security team understands what human and machine identities have access to high-value data, they can start deploying access controls to verify and authenticate them before they access protected information.
This also sets up a framework to enforce the principle of least privilege, to ensure that identities only have access to the minimum amount of data needed to perform their function.
Closing the Cloud Skills Gap
To enhance its cloud security, any organization must not only tackle the skills gap but also contend with the extensive cybersecurity skills deficit, which currently stands at a staggering 3.4 million personnel shortfall in enterprises.
Although this is an era where there are no quick answers, except for an industry-wide investment in promoting the next generation of cybersecurity talent, organizations can work toward enhancing their cloud security posture by investing in employee reskilling and upskilling.
By supporting education, organizations can give cybersecurity professionals knowledge in areas like cloud security, so they can better secure the enterprise. Training cybersecurity talent internally can help mitigate some of the side effects of broader talent shortages.
This can be as simple as investing in course content provided by cloud vendors like Amazon Web Services, Google Cloud, and Microsoft Azure. It can give employees practical new skills on how to better manage and secure cloud environments while providing them with new certifications that enhance their employability.
Organizations can also opt to use courses developed by third-party providers like Udemy Coursera, Pluralsight, and Simplilearn.
In tandem with the ongoing evolution of cloud-driven networks, security teams must expand their skill sets to encompass the expertise required for implementing controls not only within on-premises networks but also in the cloud environment.
At a high level, organizations need to invest in solutions and approaches to identify and protect data where it lives and breaches in the environment.
By investing in technology and employee skill sets, organizations can get to grips with the cloud attack surface and insulate themselves from some of the impact of the cyber skills gap.