Cloud technologies are becoming more and more popular. Many companies shifted their workloads and their IT infrastructures into the cloud. The advantages are clear: more flexibility and scalability, less admin overhead and often cost savings. But with those advantages also come many risks.

Recent studies have shown several threats cloud technologies face. As data transfers to the cloud, the risk of unwanted access to that data increases. Cloud service providers guarantee their clients that they protect the cloud infrastructure, while the client has to take care of the data and applications in the cloud. But many clients do not configure their environments properly, which makes their environments open to risks they didn’t face within their on-premises environments.

Top threats to cloud computing

The Cloud Security Alliance (CSA) recently published a white paper on the current top threats to cloud computing. The list shows that, in general, misconfigurations and a lack of proper identity and access management (IAM) are leading threats to cloud security. A lack of expertise and the rapid expansion of technology make it difficult to keep security in mind while moving to the cloud.

The complete list is:

  1. Poor identity, credential, access and key management and privileged account management
  2. Insecure interfaces and application programming interfaces (APIs)
  3. Misconfiguration and inadequate change control
  4. Lack of cloud security architecture and strategy
  5. Insecure software development
  6. Insecure third-party resources
  7. System vulnerabilities
  8. Accidental cloud data disclosure
  9. Misconfiguration and exploitation of serverless and container workloads
  10. Organized crime, threat actors and advanced persistent threats (APT)
  11. Cloud storage data exfiltration

Tips from the list

CSA points out that, even if the cloud environments have proper security in place, attackers can still aim for the low-hanging fruit. They may attack misconfigured APIs or exploit overprivileged user accounts that don’t have the right policies in place. While it is always a challenge to put a secure architecture in place, implement a secure application development process and check third-party resources for vulnerabilities, the cloud adds new risks on top of those. In addition, serverless application development and containers are a huge part of cloud computing, and they completely change the way applications have to be secured.

When it comes to cloud security budgets, things don’t look any better. Companies can’t allocate their whole security budget to cloud security. However, ISC2 recently found that 57% of companies plan to increase their cloud security budget within a year. As for addressing the above-mentioned threats and improving training and education for staff, the ISC2 report found that six out of 10 IT employees would feel more confident with cloud technologies if they had adequate training to improve their skills.

Some of the latest cloud breaches involve well-known companies from the tech industry. These cases underline that even for big tech companies, the cloud can be a challenge.

Recent attacks on tech giants

The LockBit ransomware breached IT consulting company Accenture last year. Attackers gained access to several cloud storage servers that were not configured correctly and encrypted them in order to demand a ransom. Almost 6TB of data, including 10,000 user accounts and passwords, resided on the servers.

In the same vein, attackers hit the tech giant Facebook in 2021. Millions of user records, such as account names, images and check-in data, were exposed in misconfigured publicly facing cloud storage buckets. This enabled attackers to simply download the data via the internet. Facebook resolved the issue right away, but the data was already leaked.

Another famous example was the breach of the IT solutions provider Kaseya. It suffered a massive supply chain ransomware attack that aimed to steal admin control of Kaseya’s services from managed service providers and their downstream customers. The attack damaged the company’s servers and affected users all over the world. A lack of sufficient protection in their cloud environment made it possible for attackers to exploit vulnerabilities. This attack shows the importance of a secure architecture with a robust backup strategy.

Cloud-native tools

These are just a few cases that show the huge importance of cloud security today and in the future. The cloud will only become more important and prevalent in the next few years. That means that security assessments for cloud infrastructure, posture management, proper training of security personnel and assignment of skilled consultants will be crucial.

Last, cloud service providers have cloud-native tools to protect workloads, check for vulnerabilities and manage secure configurations. AWS provides tools like GuardDuty, AWS Inspector and AWS Shield. These tools help to protect against attacks, such as distributed denial of service (DDoS) attacks, and check for vulnerabilities. In addition, tools like AWS Config help to securely configure cloud resources.

Microsoft Azure provides similar cloud-native tools like Sentinel, Azure DDoS Protection and Azure Application Gateway. These tools help to secure the cloud infrastructure, protect against threats and check for vulnerabilities. Google Cloud, IBM Cloud and Oracle provide similar tools.

Identity and access management

Besides the tools, the first line of defense is a robust identity and access management (IAM) platform and strong governance policies. AWS IAM and Azure AD are tools where IAM policies should be properly set up. These policies should include revoking user access permissions if they are no longer in use.
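
One way to find access that is "no longer in use" on AWS is to review the IAM credential report, a CSV that lists each user's password and access keys with their last-used timestamps. The following is an added example, not code from the original article: the sample rows and user names are constructed, only a subset of the report's columns is shown, and the 90-day idle threshold is an assumption to adjust to your own policy.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample in the column layout of the AWS IAM credential report
# (subset of columns; user names and timestamps are made up for illustration).
SAMPLE_REPORT = """user,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_1_last_used_date,access_key_2_active,access_key_2_last_used_date
alice,true,2024-05-28T09:12:00+00:00,true,false,N/A,false,N/A
bob,true,2023-11-02T14:00:00+00:00,false,true,2024-05-30T07:45:00+00:00,false,N/A
ci-deploy,false,N/A,false,true,2023-09-15T03:20:00+00:00,true,N/A
old-contractor,true,no_information,false,false,N/A,false,N/A
"""

def _last_used(value):
    """Parse a report timestamp; placeholder values mean no recorded use."""
    if value in ("N/A", "no_information", "not_supported", ""):
        return None
    return datetime.fromisoformat(value)

def stale_credentials(report_csv, now, max_idle_days=90):
    """Return (user, credential, reason) for each enabled but idle credential."""
    cutoff = now - timedelta(days=max_idle_days)  # assumed policy threshold
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        checks = [("password", row["password_enabled"], row["password_last_used"])]
        for n in ("1", "2"):
            checks.append((f"access_key_{n}", row[f"access_key_{n}_active"],
                           row[f"access_key_{n}_last_used_date"]))
        for name, enabled, used in checks:
            if enabled != "true":
                continue  # already disabled, nothing left to revoke
            seen = _last_used(used)
            if seen is None:
                findings.append((row["user"], name, "never used"))
            elif seen < cutoff:
                findings.append((row["user"], name, f"idle {(now - seen).days} days"))
    return findings

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed date for the sample
    for finding in stale_credentials(SAMPLE_REPORT, now):
        print(*finding, sep="\t")
```

A credential created only days ago also shows as "never used", so compare findings against creation or rotation dates before revoking anything.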

Further protection can be achieved with proper application security tools and by building and integrating security into the application development process on an ongoing basis. Set up DevSecOps practices in every stage of development.

Don’t forget containers

Besides cloud security management, secure handling of containers within the cloud is very important. This starts with the use of secure images and the proper setup of Kubernetes or OpenShift clusters. Tools like Aquasec and JFrog are very useful to check for vulnerabilities within container images, and OpenShift provides tools like ACS to manage overall container security.

These tools will prevent most of the damage and mitigate many risks. In addition, a robust cloud security architecture and IAM management, as well as the prevention of single points of failure and proper encryption of sensitive data, will make your cloud environments highly secure.

Once baseline security has been achieved with the help of all these tools, a strict Zero Trust security strategy should be pursued. That’s one of several important steps in making sure your environment stays as secure as possible in the long run.
