Cloud Security Risk: How to Address Common Threats with Continuous Monitoring

Spurred by the pandemic and a need for greater collaboration and business efficiency, cloud adoption is soaring. According to the Flexera 2021 State of the Cloud Report, spending on cloud services this year is predicted to be higher than ever.

But as your organization increases its cloud footprint and introduces more cloud providers to its network, the risk of cybersecurity incidents and breaches expands rapidly.

Let’s look at four common cloud security risk vectors and why continuous monitoring is key to  uncovering risk hidden in your cloud ecosystem.

1. Insufficient or weak credentials control

Access management violations are among the most common cloud security risks that organizations must address. Cloud providers will limit administrator level access to only trusted account managers in your organization, but your data will be at risk if those credentials should fall into the wrong hands. 

Steps you can take to reduce risk on your side of the cloud include limiting credentialed access, rotating cryptographic keys, implementing multi-factor authentication, and monitoring user activity.

2. Delaying or skipping system updates

Outdated software can pose significant security risks – both for the cloud provider and your organization. The 2017 Equifax hack was believed to have occurred when cyber criminals infiltrated the company’s data cloud, which was made vulnerable by delayed updates by IT teams.

It’s a problem often compounded by confusion over the cloud shared responsibility model. Responsibility frameworks published by Amazon Web Services (AWS), Google, and Microsoft Azure make it clear that security is a shared task between the provider and the customer. As cloud providers, they are accountable for the cloud infrastructure, while customers are responsible for security in the cloud. Customers’ responsibilities include managing updates and patches to cloud assets such as operating systems, databases, and applications.

Yet these basics of cloud security are still misunderstood. According to the 2020 Cloud Threat Report from Oracle and KPMG, understanding about the responsibility model has worsened among IT and cybersecurity professionals. When surveyed, only 8% of respondents fully grasp the model and 67% find it confusing – a 13% year-over-year increase. 

When understanding is muddied, critical updates may not be applied, increasing your organization’s risk exposure.

3. Third-party cloud security risk

Your third-party suppliers and vendors are likely making use of cloud services, too. But did you know that this can indirectly expose your organization to risk? For instance, if your payroll provider stores sensitive data about your employees in the cloud, any breach of their cloud service could directly impact your personnel, your business operations, and your reputation.

Each time you onboard a new vendor, use security assessments to understand if they store customer information in the cloud and what steps they take to protect it.

4. Misconfigured software

Misconfigurations pose a significant cloud security risk, and there are many examples of how a simple mistake can snowball fast. In 2019, the Capital One breach – the result of a misconfigured AWS cloud instance – resulted in the compromise of more than 100 million customer accounts.

Because AWS’s shared responsibility model makes it clear that customers are responsible for configuring their own cloud assets, Capital One was held accountable. The company was fined $80 million for failing to identify and manage risks as it moved its operations to the cloud.

Best practices such as implementing access restrictions and permission controls can help limit who can make changes to your cloud environment. But these steps are only the beginning. Checking regularly for signs of misconfiguration should also be a priority. Which leads to our next point.

Why continuous monitoring is key to remediating cloud security risk

Cloud security risk can occur for any number of reasons. But one thing is clear: the cloud is creating visibility blind spots that must be addressed. Indeed, when asked, the Oracle/KPMG survey found that identifying software vulnerabilities and misconfigurations are the most important things that security teams feel they must do to improve security visibility in the cloud.

While many cloud service providers are proactive in providing cyber security auditing checklists to help their customers assess the security of cloud environments, they can take time to complete and only provide a snapshot of cyber risk.

A more efficient way to improve visibility is to get a handle on the risk hidden across digital assets stored in the cloud – on a continuous basis. With automated monitoring and discovery your enterprise can quickly and easily assess areas of high risk exposure, such as unpatched and misconfigured systems, and prioritize those assets for remediation. No waiting around for audit season.

Similarly, as digital transformation drives more applications and data to the cloud across your digital supply chain, you can further leverage continuous security monitoring technology to identify potentially risky service providers connected to your company’s vendor ecosystem.  

Gain visibility where it's needed most

As the cloud continues to prove its value and companies become increasingly comfortable moving sensitive data off premises, security remains a problem. In this environment, having a dialog with your cloud service providers and becoming an expert on various shared responsibility models is important. But continuous monitoring of your digital assets in the cloud is key to gaining visibility into where hidden risk lies and mitigating that risk before the bad guys exploit it.