Cybersecurity Fears Trigger Migration From the Public Cloud
Cloud cybersecurity — or a lack of it — is feeding a frenzy of companies out of the public cloud. A similar concern about managing compliance obligations is keeping organizations from moving to the cloud in general.
However, much of the growing concerns over cloud cybersecurity result from experiences with public and private cloud platforms. A trend toward hybrid cloud computing could be an approach to better ensure data security, according to cybersecurity researchers.
Several cybersecurity reports raise concerns about confidence in cloud providers’ abilities to adequately protect users from data breaches, maintain visibility and security controls. The reports raise questions about deciding to use public or private cloud platforms or going to hybrid cloud use to supplement existing on-premises datacenters.
A report that Accurics published in late February shows it takes 25 days on average for companies to fix cloud infrastructure misconfigurations.
That report also reveals that 10 percent of enterprises pay for advanced cloud security capabilities that are never enabled, while 35 percent of organizations struggle with improper use of role-based access controls in the cloud which result in roles with too many permissions.
Results also show that nearly a quarter of all violations correspond to poorly configured managed infrastructure services offerings. This makes it easier for attackers to discover an organization’s services, read their data, and potentially make modifications. Now watering hole attack are emerging in the cloud, where they can cause much more damage than in on-premises environments.