News & Views

Aqua security survey

Research from pure-play cloud native security leader, Aqua Security (www.aquasec.com) reveals 90% of companies are vulnerable to security breaches due to cloud misconfigurations such as leaving bucket or blog storage open can open companies up to critical security breaches.

Even when companies are aware of errors, most have not addressed the bulk of these issues in a timely manner. Larger enterprises in particular take on average 888 days to address issues after discovery, says Aqua’s ‘2021 Cloud Security Report: Cloud Configuration Risks Exposed’ (
https://info.aquasec.com/cspm-threat)

“When you consider that a single cloud misconfiguration can expose organisations to severe cyber risk, such as data breaches, resource hijacking and denial of service attacks, the consequences of failing to address misconfiguration issues are all too real to ignore,” said Assaf Morag, Lead Data Analyst with Aqua’s Team Nautilus.
 
Over 12 months, Aqua analysed anonymized cloud infrastructure data from hundreds of organizations, and our research findings point to important security gaps.  Less than 1% of enterprise organizations fixed all detected issues while less than 8% of SMBs fixed all detected issues.

More than 50% of all organizations receive alerts about misconfigured services with all ports open to the world, but only 68% of these issues were fixed, taking 24 days on average.  Likewise, over 40% of users had at least one misconfigured Docker API, taking an average of 60 days to remediate.
 
“These findings point to numerous security posture issues across Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) accounts, which suggests both a lack of understanding as well as an overwhelming number of issues requiring attention,” continues Morag.
 
“Cloud-native applications improve agility by giving more people access to define the environment, but we see many organizations move away from a centralized approach to security.  The traditional model of permitting only a small, highly skilled team of security practitioners to make all configuration changes has given way to a modern, decentralised approach.  Development teams are making configuration decisions or applying services, and that can have dramatic implications for the security posture of an organisation’s production environment.”
 
“Whether an organization adopts a single or multi-cloud environment, it must be proactive in monitoring for and fixing service configuration issues that can unnecessarily expose it to threats,” adds Ehud Amiri, Senior Director of Product Management.  “Failure to do so will inevitably result in damage that can be much greater than the traditional OS or on-premises workloads.”
 
Aqua Security’s “2021 Security Report: Assessing Cloud Infrastructure Risks” is available at (
https://info.aquasec.com/cspm-threat)