Sep 13, 2022
Orca Security has released the 2022 State of the Public Cloud Security report, which provides important insights into the current state of public cloud security and where the most critical security gaps are found. The report further provides recommendations on what actions organizations can take to reduce their attack surface and improve cloud security postures.
This year’s study shows that while many organizations list cloud security as one of their top IT priorities, there are still many basic security practices that are not being followed consistently. In the rush to move resources to the cloud, it seems that organizations are struggling to keep up with ever-expanding cloud attack surfaces and increasing multi-cloud complexity.
Download this report now and get the full list of the latest cloud security trends and insights organizations are facing today.
The report finds that:
Below, we highlight report findings from a cross section of cloud security focus areas. To read about all topics, including neglected assets, Log4Shell, Spring4Shell, remediation times, database and key misconfigurations, lateral movement, cloud storage and database security, download the full report.
With the sheer number of vulnerabilities being discovered every day, it is increasingly difficult for organizations to keep up. Many fall behind on patching newly discovered vulnerabilities, but some are also not addressing vulnerabilities that have been around for a long time:
From these figures, we can conclude that organizations really should be placing more effort into fixing vulnerabilities. However, many lack the staff to patch these vulnerabilities, which in more complex, mission-critical systems is often not a simple matter of just running an update. Instead, patching can require rigorous testing to make sure that an update doesn’t cause more problems than it solves.
This is why strategic remediation is needed. Instead of trying to fix *all* vulnerabilities, or only those vulnerabilities with the highest CVSS score, it is important that organizations understand which vulnerabilities form a dangerous attack path to the company’s crown jewels. This requires deep and wide insight into cloud workload, configuration and identity risks and how these risks can be combined. In this way, security teams can focus on a much smaller number of vulnerabilities and make sure that those are fixed first.
One of the key elements of Identity and Access Management is adhering to the principle of least privilege (PoLP), which is the practice of limiting users’ access rights to only what is strictly required to do their jobs. The report finds that PoLP is still lacking in many cloud environments:
In their 2021 Hype Cycle for Cloud Security, Gartner predicts that through 2025, more than 99% of cloud breaches will originate from preventable misconfigurations or mistakes by end users. They also advise that “CIOs must change their line of questioning from ‘Is the cloud secure?’ to ‘Am I using the cloud securely?’” From our research, it appears that there is still some work to do:
Cloud-native services, such as containers, Kubernetes, and serverless, are far more lightweight than VMs, use fewer resources and are cheaper to run. For this reason, they are quickly gaining in popularity. However, cloud-native functions still need maintenance to ensure there are no lurking vulnerabilities or misconfigurations that could endanger the cloud environment.
An attack path is the route that an attacker takes – or could take – to reach their target, with the goal of data exfiltration, holding the organization to ransom, or selling PII. En route to the company’s crown jewels, attackers take advantage of weaknesses in the environment to gain access to specific assets and move laterally from one to the other.
The report includes several recommendations for reducing cloud security risks, from maintaining a cloud asset inventory and performing regular audits, to adhering to PoLP and cleaning up unused assets and accounts.
The Orca Research Pod compiled the annual 2022 State of the Public Cloud Security report by analyzing workload, configuration, and identity data captured from billions of cloud assets on AWS, Azure and Google Cloud scanned by the Orca Cloud Security Platform.
The Orca Research Pod is a group of 12 cloud security researchers that discovers and analyzes cloud risks and vulnerabilities to strengthen the Orca platform and promote cloud security best practices. In addition, the Orca research team discovers and helps resolve vulnerabilities in cloud provider platforms so organizations can rely on a safe infrastructure in the cloud.
Would you like to find out how many of these risks are present in your cloud environment? Take our free, no-obligation risk assessment and find out! Since no agents need to be installed, the Orca platform can be deployed in under 30 minutes and immediately start scanning for risks across your cloud environments.
The Orca Cloud Security Platform offers agentless cloud security and compliance for AWS, Azure, and Google Cloud in a fraction of the time and operational costs of other solutions. Orca is trusted by global innovators, including Databricks, Autodesk, Lemonade, Gannett, and Robinhood.