Cloud risks have filled the news cycle of late, but the real cloud security landscape is nothing like the headlines would have you believe.

For example, serverside ransomware attacks, despite their high public profile, account for only about 2 percent of recorded incidents, according to Alert Logic’s “2017 Cloud Security Report.” In contrast, nearly three-quarters of security events involve attacks on web applications.

The study asserted that the public cloud is actually fairly secure. In fact, according to the report’s data, organizations using on-premises solutions experienced 51 percent more security incidents than firms that operate in the public cloud. Private and hybrid clouds, however, still have their fair share of security gaps.

Mapping the Cloud Security Landscape

The study examined more than 2.2 million security incidents recorded by more than 3,800 organizations over an 18-month period, CIO Insight reported. It found that web application attacks accounted for 75 percent of all incidents and that 85 percent of firms experience such attacks. Injection attacks, such as SQL injections, were the most common type of incident.

Unsurprisingly, the report found that threat actors are particularly drawn to e-commerce platforms and content management systems (CMS). This supports the notion that cybercriminals are increasingly eager to get their hands on intellectual property.

The survey also looked at comparative rates of attack against different types of application hosting environments. The public cloud fared best, with customers reporting an average of 405 security incidents over the 18-month window. Companies with on-premises storage, on the other hand, averaged 612 incidents over the same period.

Cybercriminals Aim for the Clouds

To be sure, these comparisons must be viewed in context. Private clouds and hybrid cloud environments are generally used by companies that handle a lot of highly sensitive data — the kind that draws attackers. Still, it is notable that public cloud users experience markedly fewer security incidents than on-premises firms.

It’s also worth pointing out that plain old brute-force attacks accounted for 12 percent of incidents, with 52 percent of them aimed at Windows platforms. This is noteworthy because the enterprise world is still largely a Windows environment.

The study recommended a few basic best practices to help organizations protect themselves in an evolving cloud security environment, such as whitelisting, consistent patching and careful handling of access privileges. Despite the widespread uncertainty and many misconceptions about the cloud, one thing is for sure: As long as security gaps exist, cybercriminals will continue to target sensitive data, no matter where it resides.

More from Cloud Security

How Do You Plan to Celebrate National Computer Security Day?

In October 2022, the world marked the 19th Cybersecurity Awareness Month. October might be over, but employers can still talk about awareness of digital threats. We all have another chance before then: National Computer Security Day. The History of National Computer Security Day The origins of National Computer Security Day trace back to 1988 and the Washington, D.C. chapter of the Association for Computing Machinery’s Special Interest Group on Security, Audit and Control. As noted by National Today, those in…

Why Are Cloud Misconfigurations Still a Major Issue?

Cloud misconfigurations are by far the biggest threat to cloud security, according to the National Security Agency (NSA). The 2022 IBM Security X-Force Cloud Threat Landscape Report found that cloud vulnerabilities have grown a whopping 28% since last year, with a 200% increase in cloud accounts offered on the dark web in the same timeframe. With vulnerabilities on the rise, the catastrophic impact of cloud breaches has made it clear that proper cloud security is of the utmost importance. And…

Charles Henderson’s Cybersecurity Awareness Month Content Roundup

In some parts of the world during October, we have Halloween, which conjures the specter of imagined monsters lurking in the dark. Simultaneously, October is Cybersecurity Awareness Month, which evokes the specter of threats lurking behind our screens. Bombarded with horror stories about data breaches, ransomware, and malware, everyone’s suddenly in the latest cybersecurity trends and data, and the intricacies of their organization’s incident response plan. What does all this fear and uncertainty stem from? It’s the unknowns. Who might…

How an Attacker Can Achieve Persistence in Google Cloud Platform (GCP) with Cloud Shell

IBM Security X-Force Red took a deeper look at the Google Cloud Platform (GCP) and found a potential method an attacker could use to persist in GCP via the Google Cloud Shell. Google Cloud Shell is a service that provides a web-based shell where GCP administrative activities can be performed. A web-based shell is a nice feature because it allows developers and administrators to manage GCP resources without having to install or keep any software locally on their system. From…