April 24, 2024

Enterprise Cloud Security Threats (and How to Address Them)

Tech industry insiders and the companies following their advice cite many benefits of moving to the cloud, including cost savings, smoother collaboration in a remote work world, scalability and flexibility, and improved security. While these positives are genuine and impressive, they are not necessarily all-encompassing; cybersecurity in particular may remain problematic.

While it is true that cloud service providers have expertise and investment in security measures, it is a big mistake for a company’s leaders to assume that their business and data will have complete and watertight protection after moving to the cloud. Below, 20 members of the Forbes Technology Council discuss the top security threats facing enterprises in the cloud and how to address them.

1. The need to maintain good access controls

Unexpected or out-of-policy access rights pose a major threat to enterprise cloud security. As data and operations shift to the cloud, the attack surface expands and maintaining proper access controls is critical. Best practices such as automating security operations, multi-factor authentication, regular audits, employee training and awareness, and implementing zero trust can help companies stay ahead of potential threats. – John Milburn, Clear Skye

2. ‘Spreading Secrets’

Encryption keys protect data, the crown jewel of any business. Key management solutions from AWS, Google and Microsoft ensure they are handled securely while remaining accessible to authorized personnel. However, security doesn’t stop at managing keys efficiently. End-to-end visibility from creation to retirement, anomaly detection and misconfiguration alerts address the challenge of ‘secrets spreading’. – Itzik Alvas, Entro Security

3. A lack of consistent, company-wide security controls

One of the biggest threats in multi-cloud and hybrid cloud environments is the lack of consistent, enterprise-wide security controls. Embracing unified, proactive attack prevention and zero trust are essential. Implement defenses such as limiting data access through authentication and/or encryption, applying least privilege principles to accounts, and ensuring multi-layered protection of cloud assets. We must go beyond detection and block threats at their source. – Geoffrey Mattson, Xage Security

4. Image-based phishing

Image-based phishing, which uses images to sneak malicious links and messages past traditional security solutions, should be a top priority for any business. With the volume of such attacks skyrocketing, organizations must adopt a multi-layered approach, including AI-based detection tools, targeted employee awareness training, and multi-factor authentication to strengthen their defenses. – Eyal Benishti, IRONSCALES

5. Human error

An overlooked threat to cloud security is the human element. People will always be a vulnerable target, including for social engineering attacks targeting cloud email and software-as-a-service applications. Awareness training about these types of attacks is critical, as is deploying security solutions that apply artificial intelligence and machine learning to the basic behavior of typical users to detect anomalies that could indicate an attack. – Mike Britton, Abnormal Security

6. Increasingly sophisticated and varied hacker attacks

Companies deploying to the cloud face significant access control risks as attackers use extensive botnets, credential stuffing, stolen credential lists, and vulnerability exploitation to gain access to user accounts and private data. Mandating multi-factor authentication, combined with web application firewalls, bot management, and application programming interface security capabilities, will significantly improve the integrity of cloud applications. – Carlos Morales, Vercara

7. Distinguishing between ‘signal and risk’ and ‘noise’

The biggest challenge is getting to grips with all the different ways in which cloud applications can be exploited. Managing and centralizing data is not enough; today, companies need machine learning models to extract the ‘signal and risk’ from the ‘noise’. The problem is no longer the human scale, but the processes needed to catch up. – Michael Roytman, Cisco Security

8. The speed of the cloud

A major threat to cloud security today is the inherent challenge of closing security gaps at the speed of the cloud. The number of new security issues is significantly accelerated by the speed at which cloud resources can be provisioned. To address this, organizations must “build” security into their cloud blueprints and cloud resource provisioning process to mitigate the threat on “Day Zero.” – Kim Bozzella, Protiviti

9. Misconfiguration

A major threat to cloud security is misconfiguration, which often leads to unauthorized access. To combat this, companies should adopt policies of least privilege and ongoing configuration audits. This strategy ensures that only necessary permissions are granted and that they are regularly reviewed, minimizing potential vulnerabilities. – Shelli Brunswick, SB Global LLC

10. Broad Access Rights

Most breaches now involve stolen login credentials or hijacked sessions. This is lucrative for attackers because organizations typically grant their employees broad permissions based on what they need at any point in their role. As a result, even a single stolen login becomes catastrophic. Implementing dynamic, granular access control can help reduce the explosion radius of such breaches. – Atul Tulshibagwale, SGNL.ai

11. Vulnerabilities in Third Party Software

Supply chain attacks can exploit vulnerabilities in third-party software and infrastructure to penetrate defenses. Auditing vendors, monitoring for suspicious activity patterns, and using microservice architectures to isolate systems can reduce risk. We prefer platforms that allow greater control over security updates and configurations. – Marc Fischer, Dogtown Media LLC

12. Cloud Metadata Exploitation

An emerging threat is cloud metadata exploitation, where attackers use metadata information to gain insight into an organization’s cloud environment, enabling targeted attacks. Address this by implementing robust metadata protection measures such as encryption, access controls and behavioral analytics to detect abnormal access patterns and thwart malicious activity before it escalates. – Jagadish Gokavarapu, Clear Infotech

13. API Vulnerabilities

API vulnerabilities are a growing threat. Regularly review and secure APIs, implement appropriate authentication mechanisms, and perform thorough security testing to identify and remediate potential vulnerabilities. – Maksym Petruk, WeSoftYou

14. Unsecured collaboration tools or file sharing services

One threat is the risk of data loss or leakage through unsecured cloud collaboration tools or file sharing services. To counter this threat, organizations can use encryption for data in transit and at rest, implement data loss prevention solutions to monitor and control the flow of sensitive information, and enforce strict policies for sharing and accessing files within cloud environments. – Cristian Randieri, Intellisystem Technologies

15. Additional risks due to remote working

Remote working will always come with risks, but these can be managed. Ensuring robust cloud security, with strict access controls and encryption, is critical. Given remote teams’ heavy reliance on cloud services, this strategy safeguards data transfer and storage, mitigating the risk of unauthorized access and data exposure. Frequent, in-depth cyber-focused education is also critical. – Muhi S. Majzoub, OpenText

16. Unsecured apps and data in development

Many cloud offerings also act as development platforms, where business users of all technical backgrounds develop their own apps and automations. However, these platforms do not secure the data and/or individual apps that are built. This can be addressed through cross-platform visibility and gaining deep, enterprise-level logic for all apps, automations, and bots built in the cloud. – Michael Bargury, Zenity

17. Multicloud settings

Security in heterogeneous multi-cloud setups can be a real challenge. Each platform has its own tools and terminology, and the technology is evolving quickly. New risks can easily slip through the cracks. Look for ways to standardize security controls, establish consistent and repeatable processes, and invest in ongoing team training to keep up with the latest developments on each platform. – Ilia Sotnikov, Netwrix

18. Shadow IT

Shadow IT, the use of unauthorized cloud services by employees, exposes companies to invisible vulnerabilities. Combat this by fostering a culture of transparency and collaboration between IT departments and employees, promoting the use of sanctioned tools through education, and offering accessible, secure alternatives. – Marc Rutzen, HelloData.ai

19. Threats from within

Insider threats pose a significant risk in cloud environments and are often overlooked because of all the external dangers. To mitigate this, companies must implement strict access controls, continuously monitor for unusual activity, and enforce strong data encryption so that even if the data is accessed unlawfully, it remains unintelligible to unauthorized users. – Andrew Blackman, EZ Cloud

20. Failure to maintain ITDR and/or a BCP

Many organizations incorrectly assume that because they have moved to the cloud, they no longer need to establish, deploy, and maintain effective identity threat detection and response, and/or that a business continuity plan is no longer needed. Public and private cloud service providers are subject to the same risks that all organizations face; therefore, ensuring that these risks are recognized and that ITDR and a BCP exist and are tested is essential for business resilience. – Mark Brown, British Standards Institute (BSI)
