Vital Necessity Of Cloud Computing Highlights Security Risks

The vital necessity of cloud computing for both business and the general population is likely to accelerate market growth. With the frequency of online breaches and technological attacks on the rise, security maintenance has become the key point of focus. 

Companies have to take vital precautions before the onset of cyber risk. 

A newly released report by the leading cloud security specialist Orca Security on the State of Cloud Security In 2020 says that almost 80 percent of organisations have at least one neglected, Internet-facing workload, meaning it’s running on an unsupported operating system or has remained unpatched and insecure for 180 days or more. 

When an organisation elects to store data or host applications on the public cloud, it loses its ability to have physical access to the servers hosting its information. As a result, potentially sensitive data is at risk from insider attacks. Insider attacks are the sixth biggest threat in cloud computing. 

The recent statistics explain that there exist some organisations that have employed cloud-based security solutions. Around 90% of companies are deploying cloud-based services. 

Only 12% of global IT sectors understand how General Data Protection Regulation (GDPR) will affect the cloud services. 66% of IT engineers say that security was the biggest concern when they adopted the cloud computing platform.

The Orca Security Report explains that:

  • Attackers look for vulnerable frontline workloads to gain entrance to cloud accounts and expand laterally within the environment. While security teams need to secure all public cloud assets, attackers only need to find one weak link.
  • Weak security authentication is another way that attackers breach public cloud environments. The Orca Security study found that authentication and password storage issues are commonplace.
  • Almost 25% of organisations aren’t using multi-factor authentication to protect one of their cloud account’s root, super admin users.
  • Almost half of organisations have internet-facing workloads containing secrets and credentials, posing a risk of lateral movement.
  • 60 percent of organisations have at least one neglected Internet-facing workload that has reached its end of life and is no longer supported by manufacturer security updates. Once past the Internet-facing workload and with keys-in-hand, cyber criminals traverse less secure internal machines in search of crown jewel data.
  • 77 percent of organisations have 10 percent or more of their internal workloads unpatched either for longer than 180 days or are no longer supported. 

Hackers take advantage of knowing that internal servers are less protected than external Internet-facing servers and that they can expand rapidly in search of critical data once inside a cloud estate and so cloud security is something all organisations must review and check systematically. 

Orca Security:     PR Newswire

You Might Also Read: 

The Future Of Ransomware Is In The Cloud:

 

« Home Working Cyber Security Toolkit
Hollywood Site Leaks Personal Data Of 260,000 Actors »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Booz Allen Hamilton

Booz Allen Hamilton

Booz Allen Hamilton is a management & tech consulting firm. Technology services include cloud computing, cyber security, systems development and integration.

Kaspersky Lab

Kaspersky Lab

Kaspersky Lab is one of the world’s largest privately held vendors of endpoint cybersecurity solutions.

HID Global

HID Global

HID Global is a trusted leader in products, services and solutions related to the creation, management, and use of secure identities.

CryptoCodex

CryptoCodex

Cryptocodex has developed Counter-Fight, the most advanced, yet simple to implement, counterfeit detection system.

Magix Security

Magix Security

Magix Security assesses the cyber threat, gives you visibility of how vulnerable your business is to attack, and provides cybercrime detection and prevention services.

World Congress on Industrial Control Systems Security (WCICSS)

World Congress on Industrial Control Systems Security (WCICSS)

The World Congress on Industrial Control Systems Security (WCICSS) is focused on emerging trends in protection of industrial control systems.

iTechArt Group

iTechArt Group

iTechArt is a top-tier custom software development company offering Cybersecurity Consulting, Application Security Testing, Risk Management and Compliance, and Infrastructure Security services.

Internet 2.0

Internet 2.0

Internet 2.0 is a Cyber Security technology company with a core focus on developing affordable but sophisticated cyber security solutions.

Privafy

Privafy

Privafy helps mobile service providers, IoT manufactures , and enterprises redefine the way they protect Data-in-Motion.

Adarma Security

Adarma Security

Adarma are specialists in threat management including SOC design, build & operation.

Cira Info Tech

Cira Info Tech

Cira InfoTech’s cyber security and network consulting and managed services deliver unmatched talented resources and capabilities required to design and build an agile and adaptive IT environment.

4Securitas

4Securitas

4Securitas is an innovative cyber security firm focused on protecting critical data at the core of every organisation.

Neosec

Neosec

We’re reinventing API security. Understanding behavior requires data, analytics, and intelligence. Neosec brings XDR techniques to application security.

Cyber Security Works (CSW)

Cyber Security Works (CSW)

Cyber Security Works is your organization’s early cybersecurity warning system to help prevent attacks before they happen.

Trace3

Trace3

Trace3 is a pioneer in business transformation solutions, empowering organizations to keep pace with the rapid changes in IT innovations and maximize organizational health.

White Tuque

White Tuque

A new way to protect your organization. White Tuque is your partner in identifying threats, understanding your risk, and ensuring your business remains resilient.