Three quarters of organizations plan to buy more cloud security tools in 2019 as a means to better secure increasingly complex cloud environments, new research shows. The data comes from Alcide, which today released its “2018 Report: The State of Securing Cloud Workloads.” Nearly 350 security, DevOps, and IT pros weighed in to share their cloud security plans. Most are struggling to secure complex cloud setups, and think more tools will help.
Results show cloud security workflows remain fragmented. Across all company sizes, about 53% of respondents distribute their cloud workloads across a hybrid infrastructure; 18% use multi-cloud. The larger the business, the higher the degree of fragmentation, researchers found.
Read more about the findings of the Alcide research on DarkReading.
McAfee released its Cloud Adoption and Risk Report, which analyzed billions of events in anonymized customers production cloud use to assess the current state of cloud deployments and to uncover risks. The report revealed that nearly a quarter of the data in the cloud can be categorized as sensitive, putting an organization at risk if stolen or leaked.
The study found that while organizations aggressively use the public cloud to create new digital experiences for their customers, the average enterprise experiences more than 2,200 misconfiguration incidents per month in their infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) instances.
A majority of companies (54 percent) are worried that they will soon outgrow their security solutions, according to Threat Stack. While budgets are expected to increase by 19 percent over the next two years, organizations are struggling with a disconnect between security and DevOps and are facing difficulties in determining where to allocate this budget in the face of rapidly evolving infrastructure.
With less than half of their infrastructure remaining on-premise (41 percent), businesses are increasingly making significant migrations to infrastructure-as-a-service (IaaS) (25 percent), platform-as-a-service (PaaS) (17 percent), and containers (10 percent). The top two budget investments in 2019 will be directed at cloud workload security and intrusion detection systems (IDS).
This year we’ve seen massive malware attacks spanning from nation state campaigns originating in North Korea and Russia to popular restaurants and everything in between. Each new incident serves as a grim reminder to business leaders that hackers will not relent. Yet with cloud adoption growing rapidly in the enterprise, the odds of a malware infection spreading and leading to a potential breach are increasing.
According to a study conducted by the Ponemon Institute, almost 90 percent of businesses believe an increase in cloud usage will increase the probability of a data breach – and this trend isn’t going away anytime soon.
The world around online data is changing, and with it the landscape of business is facing an irreversible shift. Not only in terms of regulations but in the way businesses actually use and have access to data. An increasing number of businesses are moving their data to the cloud, which brings a different set of security issues.
Through the cloud, hackers can shut down your business for weeks — or longer. They can steal not only your data but your resources. Companies often don’t take this threat seriously enough. Thankfully, there are steps you can take to protect your company, and they aren’t that complicated.
Read about five best practices to keep your data (and profits) out of the hands of hackers on DarkReading.
As companies work to protect their cloud environments, they need to know which types of attacks are most likely to hit. “Cloud has been around for years, but cloud security has only within the past year or so become a formal discipline,” says Matthew Chiodi, vice president of cloud security at RedLock. And as the cloud evolves, attackers are finding new, advanced ways to break into enterprise environments.
Public cloud security incidents often stem from a poor understanding of the shared responsibility model, which governs how cloud users and providers both shoulder the burden of security, Chiodi says.
Read about different types of cyberattacks that are affecting cloud environments on DarkReading.
Traditional firewalls track the domains that traffic is coming from and the ports it’s going to. Nextgen firewalls go beyond that — they also monitor the content of the messages for malware and data exfiltration and can react in real time to stop threats. The newest iterations do even more, adding behavioral analytics, application security, zero-day malware detection, support for cloud and hybrid environments, and even endpoint protection.
According to Gartner, by 2020, nextgen firewalls will reach almost 100 percent of internet points of presence. Most organizations, however, will use only one or two of the nextgen features.
Read more about the future of next generation firewalls on CSO.
52% of consumers worldwide are now using Internet of Things (IoT) devices, yet 64% of those have already encountered performance issues – according to Dynatrace. On average, consumers experience 1.5 digital performance problems every day, and 62% of people fear the number of problems they encounter, and the frequency, will increase due to the rise of IoT.
For organizations deploying IoT strategies, these results indicate a critical need to master two things. Firstly, escalating IT complexity, thanks to new cloud technologies, microservices and the pressure to innovate faster. Secondly, the necessity to build out well-planned IoT monitoring and performance strategies to ensure sound application delivery and a great digital experience.
It takes over a month for the average organization to patch its most critical vulnerabilities, according to a new report detecting trends in Web application attacks.
The data comes from tCell, which today released its Q2 2018 “Security Report for In-Production Web Applications.” Researchers analyzed more than 316 million security incidents across its customer base and published key findings on the most common types of real-world attacks taking place within in-production Web apps in the Amazon Web Services and Microsoft Azure cloud ecosystems.
Read more about the findings of the new report by tCell on DarkReading.