What is the Cloud, and Why Is It So Popular?
Cloud computing has been on the rise since it provides a cost-effective way to access network infrastructure and other computing services. Cybersecurity Ventures has predicted that by 2025, 100 zettabytes of data, which will represent half of the data stored globally in that year, will be stored in the cloud.
Cloud users can leverage cloud service providers’ vast computing power and resources, but paying only for the specific services they request. With the cloud, computing operations, such as data storage and machine learning model training, occur using computing resources owned by cloud service providers. Therefore, organizations using the cloud can leverage the flexibility, scalability, and security that the cloud offers, without needing to build, maintain, and secure in-house servers.
Although cloud computing comes with several benefits, there are risks associated with it. Cybersecurity Insiders’ 2021 AWS Cloud Security Report, which compiles the findings from surveys given to cybersecurity professionals from 316 organizations that use AWS (Amazon Web Services) for their cloud services, provides several insights into the security concerns associated with cloud computing. The report contains results from a survey the cybersecurity professionals took about their main cloud concerns and the cloud security threats they consider to be most serious. Here are some of the key takeaways from the report:
- The most commonly reported cloud security concerns are data loss and leakage (67%) and data privacy and confidentiality (61%).
- 46% of cybersecurity professionals reported that legal and regulatory compliance is a major challenge when cloud services are used.
- Cloud misconfigurations and insecure interfaces and APIs, which 71% and 54% of cybersecurity professionals respectively reported as major cloud threats, are two key common initial points of entry for attackers targeting cloud resources.
Cloud Computing Risks
Data loss and leakage was the most commonly reported cloud risk, with 67% of cybersecurity professionals reporting it as a major concern. Data stored in the cloud can be temporarily or permanently lost due to causes such as cyberattacks, hardware failures, and the overwriting of data.
Data privacy and credential exposure were the second and third most common concerns, with 61% and 49% of cybersecurity professionals respectively reporting it as one of their biggest concerns. If attackers were to gain access to cloud user’s credentials or find another means of gaining access to the user’s cloud resources, the attackers could destroy and/or exfiltrate sensitive data, which could result in data privacy breaches and prevent organizations from conducting their usual services.
Organizations storing data in the cloud often face challenges in meeting government and industry data protection regulations and proving compliance with them, as is reflected by the 46% of cybersecurity professionals who reported legal and regulatory compliance as being a major issue with cloud usage. These difficulties are due to factors such as the reduced visibility and transparency that accompany the use of the cloud, which 43% of cybersecurity professionals reported as a key issue, as a result of the reduced network and service monitoring that results from migrating computing resources to the cloud.
Cloud Security Threats
Adversaries can also leverage the cloud as part of their attack vectors, which puts cloud-based resources at the risk of several types of cyberattacks. Cloud platform misconfigurations were the most widely reported major cloud security threat (71%). Cloud misconfigurations occur when a user configures cloud settings in a manner that doesn’t provide adequate protection for their cloud-based resources. Examples of cloud misconfigurations include granting excessive privileges to system users and failing to enforce network traffic restrictions.
Exfiltration of sensitive data, reported by 59% of cybersecurity professionals, and unauthorized access, reported by 53% of cybersecurity professionals, are also major threats. If attackers take advantage of a cloud misconfiguration, insecure interface or API, or other entry point to gain access to cloud-based resources and exfiltrate private data, this data could be leaked to the public, sold on the dark web, or used for other malicious purposes.
Insecure interfaces and APIs (Application Programming Interfaces) are considered a major threat by 54% of cybersecurity professionals. These tools allow users to manage their cloud services but are often used without sufficient security controls such as authentication and encryption, providing attackers with potential entry points to gain unauthorized access to cloud-based resources.
Securing Cloud-Based Resources
Luckily, there are actions users can take to improve the security of cloud-based resources. Users can mitigate and prevent attacks on their cloud-based resources by encrypting their data stored in the cloud, backing up their cloud data, utilizing multi-factor authentication, and using IAM (Identity and Access Management) to grant users the minimum necessary privileges. Cloud monitoring solutions can be used to identify threats and implement security fixes. Users can also stay updated about the latest cloud security vulnerabilities so that they can formulate strategies to secure their cloud-based resources against these threats.
Cloud computing comes with both risks and rewards. By taking cloud security precautions, users can minimize the security risks associated with cloud computing, while reaping the benefits of the scalable, flexible computing resources the cloud has to offer.
