Most said the shared responsibility model is often unclear regarding who does what. The majority of enterprises now operate in multi-cloud environments, but those varied vendors pose greater security challenges, said 98 percent of respondents to a July Tripwire report. One possible explanation, according to research by Thales, is that half of businesses are storing over 40 percent of their data in external cloud environments, but few are encrypting sensitive data.Īn August survey by Vectra AI of Amazon Web Services (AWS) users found that 100 percent have suffered at least one security incident in their public cloud environment within the last year. Verizon’s most recent annual report on data breaches found that most cybersecurity incidents now involve cloud infrastructure, and more cybersecurity incidents involve external rather than internal cloud assets. Less than 1 percent of enterprises fixed all misconfiguration issues, and larger enterprises required 88 days on average to fix known issues, thereby extending the time attackers could exploit them. A study by Aqua Security that examined a year’s worth of cloud configuration data for hundreds of its clients found that 90 percent are vulnerable to security breaches due to cloud misconfigurations. Misconfigurations are usually laid at the feet of cloud customers, not providers, under the Cloud Shared Responsibility model.
0 kommentar(er)
