The theme for this year’s Cybersecurity Awareness Month was ‘Do Your Part. #BeCyberSmart.’ Here at Orca Security, we decided to do our part by creating and sharing a series of funny cartoons combined with practical cloud security advice on social media. Even though these are serious subjects, we find that humor is a good way to create awareness and have some fun at the same time!
Here are five favorite jokes and cartoons that we published this month, and some relevant information and education to go along with them:
#1. Detecting Lateral Movement Risk
Lateral movement refers to ‘sideways movement’. So, while a great line dance will get you knee-deep in lots of ‘lateral movement’, the term is also used in cybersecurity to describe attackers exploiting multiple assets, moving from one to the next, to reach their end goal. By using their initial foothold to scan connected assets for unencrypted keys and other information, cyber attackers can move to the next target in search of crown jewel data.
It is possible to detect lateral movement risk by 1) analyzing stored secrets and privileges associated with any given asset and 2) assessing whether those privileges are overly permissive.
When we first scan our customers’ cloud estates, we often find several assets that offer almost unlimited access throughout their organization—a jackpot for potential attackers. It could be a monitoring server, bastion server, or a DevOps experiment. You can almost always reduce this risk by tightening access and making sure that you are continuously scanning your entire cloud estate for any potential lateral movement risks.
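The two checks described above (which secrets are stored on an asset, and whether the privileges behind them are overly permissive) can be illustrated with the following added example, which is not Orca's code or scanner output. The asset inventory, principal names and file paths are constructed; the policy documents follow the AWS IAM JSON layout, and "overly permissive" is assumed here to mean an Allow statement pairing a wildcard action with `Resource: "*"`.

```python
def _as_list(value):
    # IAM allows a single string or a list for Statement, Action and Resource.
    return value if isinstance(value, list) else [value]

def overly_permissive(policy):
    """Return wildcard actions from Allow statements that also use Resource '*'."""
    hits = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        wild = [a for a in _as_list(stmt.get("Action", []))
                if a == "*" or a.endswith(":*")]
        if wild and "*" in _as_list(stmt.get("Resource", [])):
            hits.append(wild)
    return hits

def lateral_movement_risks(assets, policies):
    """Flag assets whose stored secrets map to overly permissive principals."""
    risks = []
    for asset in assets:
        for secret in asset["stored_secrets"]:
            policy = policies.get(secret["principal"])
            if policy is None:
                continue  # secret does not map to a known principal
            for wild in overly_permissive(policy):
                risks.append({"asset": asset["name"], "secret": secret["path"],
                              "principal": secret["principal"],
                              "wildcard_actions": wild,
                              "internet_facing": asset["internet_facing"]})
    # Internet-facing footholds are listed first.
    risks.sort(key=lambda r: (not r["internet_facing"], r["asset"]))
    return risks

# Constructed sample data (hypothetical names and paths).
POLICIES = {
    "ops-admin": {"Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}},
    "metrics-reader": {"Statement": [{"Effect": "Allow",
        "Action": "cloudwatch:GetMetricData", "Resource": "*"}]},
    "ci-deployer": {"Statement": [{"Effect": "Allow",
        "Action": ["s3:*", "ec2:DescribeInstances"], "Resource": "*"}]},
}
ASSETS = [
    {"name": "monitoring-01", "internet_facing": False, "stored_secrets": [
        {"path": "/etc/agent/keys.env", "principal": "metrics-reader"}]},
    {"name": "devops-experiment", "internet_facing": False, "stored_secrets": [
        {"path": "/home/dev/.aws/credentials", "principal": "ci-deployer"}]},
    {"name": "bastion-01", "internet_facing": True, "stored_secrets": [
        {"path": "/home/ec2-user/.aws/credentials", "principal": "ops-admin"}]},
]

if __name__ == "__main__":
    for risk in lateral_movement_risks(ASSETS, POLICIES):
        print(risk)
```

The monitoring server is not flagged because its key is scoped to a single read action; tightening the other two principals in the same way removes them from the list.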
#2. Protecting Against Malware in the Cloud
What do YOU see when you look into the cloud(s)? In the cybersecurity world, cloud malware is an unfortunate reality, but it’s important to know that there is a lot you can do to minimize your risk:
- Ensure that all of your systems have the latest patches and updates installed, especially assets exposed to the public internet.
- Enforce good security hygiene practices across your cloud environment by using the “least privilege” approach when configuring IAM for cloud resources.
- Use multi-factor authentication for secure log-in.
- Encrypt your data, both at rest and in transit, wherever possible.
- Discover all publicly-connected resources and regularly scrutinize their need to be public.
- Ensure all your cloud assets are regularly scanned for malware using signature-based, heuristic and dynamic scanning.
- Train your employees to be Cyber Smart and play an active part in your defenses. For example, teach them not to click on unfamiliar links, not to keep secrets in a clear-text file on a desktop, and not to leave a storage bucket publicly exposed.
#3. Holistic Approach to Cloud Security
When we talk about a ‘holistic’ approach to cloud security, we don’t actually mean this in the spiritual sense (although we don’t necessarily see a problem with that either!).
To get an accurate picture of your cloud security posture, it is important to take a holistic approach that takes into account the overall business and environmental context, as well as the severity of a cloud security issue. Only when all this data is combined can you truly gain the necessary insight to determine which security issues are the most critical to your business.
#4. Lack of Effective Alert Prioritization
Are you drowning in a sea of senseless security alerts? If every security alert is marked as high priority, it is a bit like the boy who cried wolf: security teams become fatigued and desensitized to alerts, leading to team burnout and important alerts being missed. The solution? Effective alert prioritization through context-aware security intelligence.
#5. Resource-heavy Security Agent Deployments
Still using agents for your cloud security? While we all love a good James Bond movie, we are not talking about THAT kind of agent. We don’t need to tell you that deploying software agents takes a considerable amount of IT resources and slows down your cloud application development. Even more importantly, due to cumbersome and partial deployments, agent-based solutions can’t reliably provide full visibility: We find that on average only 50% of assets are covered by agent-based solutions.
Another concern that we recently exposed during Cybersecurity Awareness Month is the risk of supply chain attacks through agents that require administrative privileges to function.
We hope that we have been able to make you laugh (or at least smile), while also informing you about important cloud security issues. And remember, ‘Do Your Part. #BeCyberSmart’!
About Orca Security
Orca Security offers a radical new, agentless cloud-native application protection platform (CNAPP) that detects and prioritizes security risks at every layer of your AWS, Azure, and Google Cloud estates providing 100% visibility – in a fraction of the time and operational costs of other solutions. Find out more in our white paper Reinventing Security for the Cloud.