Migration of data, applications, and servers to the cloud is happening at a rapid pace among organizations of every size and yet cloud security continues to be the chief and growing concern. Results of a recent survey of 570 IT and cybersecurity experts have revealed some trends that are consistent across all industries in organizations of all sizes. Security issues appear to be inadvertently caused by organizations that are using the cloud and not by the cloud itself.
Avoidable Errors are the Biggest Threats
The 2018 Cloud Security Spotlight report states that the self-inflicted mistake of cloud platform misconfigurations caused 62% of security threats. The second worst threat was the misuse of employee credentials together with improper access control. Insecure application program interfaces (APIs) were the third-worst threat to cloud security.
Surprisingly, malicious exploits and cybercriminals are not the causes of the majority of security issues. Instead, failed attempts at managing and monitoring cloud assets are threat number one. Along these same lines, Security Operations Centers (SOCs) are facing the following top three security control challenges:
- Security compliance,
- Visibility into infrastructure security, and
- Establishing consistent policies across on-premises and cloud environments.
A Clear Solution to Self-Inflicted Security Threats
Experts suggest that the in-house security problems identified can all be resolved with consistent and comprehensive visibility into your cloud environment.
Actively monitoring assets in the cloud, policy violations, and configuration issues as they occur can stop the cycle of companies being their own worst security threats.