Vital Necessity Of Cloud Computing Highlights Security Risks

Uploaded on 2020-07-29 in TECHNOLOGY--Developments, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

The vital necessity of cloud computing for both business and the general population is likely to accelerate market growth. With the frequency of online breaches and technological attacks on the rise, security maintenance has become the key point of focus. 

Companies have to take vital precautions before the onset of cyber risk. 

A newly released report by the leading cloud security specialist Orca Security on the State of Cloud Security In 2020 says that almost 80 percent of organisations have at least one neglected, Internet-facing workload, meaning it’s running on an unsupported operating system or has remained unpatched and insecure for 180 days or more. 

When an organisation elects to store data or host applications on the public cloud, it loses its ability to have physical access to the servers hosting its information. As a result, potentially sensitive data is at risk from insider attacks. Insider attacks are the sixth biggest threat in cloud computing. 

The recent statistics explain that there exist some organisations that have employed cloud-based security solutions. Around 90% of companies are deploying cloud-based services. 

Only 12% of global IT sectors understand how General Data Protection Regulation (GDPR) will affect the cloud services. 66% of IT engineers say that security was the biggest concern when they adopted the cloud computing platform.

The Orca Security Report explains that:

  • Attackers look for vulnerable frontline workloads to gain entrance to cloud accounts and expand laterally within the environment. While security teams need to secure all public cloud assets, attackers only need to find one weak link.
  • Weak security authentication is another way that attackers breach public cloud environments. The Orca Security study found that authentication and password storage issues are commonplace.
  • Almost 25% of organisations aren’t using multi-factor authentication to protect one of their cloud account’s root, super admin users.
  • Almost half of organisations have internet-facing workloads containing secrets and credentials, posing a risk of lateral movement.
  • 60 percent of organisations have at least one neglected Internet-facing workload that has reached its end of life and is no longer supported by manufacturer security updates. Once past the Internet-facing workload and with keys-in-hand, cyber criminals traverse less secure internal machines in search of crown jewel data.
  • 77 percent of organisations have 10 percent or more of their internal workloads unpatched either for longer than 180 days or are no longer supported. 

Hackers take advantage of knowing that internal servers are less protected than external Internet-facing servers and that they can expand rapidly in search of critical data once inside a cloud estate and so cloud security is something all organisations must review and check systematically. 

Orca Security:     PR Newswire

You Might Also Read: 

The Future Of Ransomware Is In The Cloud:

 

« Home Working Cyber Security Toolkit
Hollywood Site Leaks Personal Data Of 260,000 Actors »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Bishop Fox

Bishop Fox

Bishop Fox is a leading authority in offensive security, providing solutions ranging from continuous penetration testing and attack surface management to product and application security assessments.

OneWelcome

OneWelcome

Onegini and iWelcome have merged to become OneWelcome, the largest European Identity Access Management Saas Vendor.

National Cybersecurity Student Association (NCSA) - USA

National Cybersecurity Student Association (NCSA) - USA

The National Cybersecurity Student Association is a one-stop-shop to enhance the educational and professional development of cybersecurity students through activities, networking and collaboration.

Empiric

Empiric

Empiric is a multi-award winning technology and transformation recruitment agency specialising in data, digital, cloud and security.

MagiQ Technologies

MagiQ Technologies

MagiQ produced the world’s first commercial quantum cryptography product that delivered advanced, future-proof network security.

Acmetek Global Solutions

Acmetek Global Solutions

Acmetek is a Global Distributor and a Trusted Advisor of PKI /IOT & SSL Security Products and a Managed Services Company.

BIG Cyber

BIG Cyber

BIG Cyber is a specialized Managed Security Service Provider (MSSP) dedicated to bringing military grade cyber security technology to the gaming industry.

Cisco Networking Academy

Cisco Networking Academy

Cisco Networking Academy is the world's largest classroom, bringing technology education, 21st-century skills, and improved jobs prospects since 1997.

SpeQtral

SpeQtral

SpeQtral offers commercial space-based Quantum Key Distribution (QKD) founded on technology developed at the National University of Singapore.

HashDit

HashDit

HashDit products and services focus on helping build a safe ecosystem for both protocol users and smart contract developers on BNB Chain.

Zyston

Zyston

Zyston's solutions provide end-to-end management of your cybersecurity needs. Our range of services help protect your business where it needs it the most.

Focus on Security

Focus on Security

Focus on Security are Cyber Security recruitment specialists. We’re dedicated to connecting you with the top Cyber Security talent across the globe. We focus on partnerships and results.

Summit 7 (S7)

Summit 7 (S7)

Summit 7 is a national leader in cybersecurity, compliance, and managed services for the Aerospace and Defense industry and corporate enterprises.

Smarsh

Smarsh

Smarsh products are designed for user-friendly, efficient compliance. From archiving, supervision, and discovery to cybersecurity – Smarsh has you covered.

IndoSec

IndoSec

IndoSec is an annual cybersecurity summit that powers an in-person gathering of cybersecurity leaders from Indonesia’s major corporations, leading businesses and key government entities.

Dial A Geek

Dial A Geek

Dial A Geek are a Bristol-based B Corp that provides Managed IT Services to companies of 20+ users. We help businesses with a smart use of tech, including compliance and cybersecurity solutions.