Security News > 2022 > September > Most critical security gaps in the public cloud

Orca Security released the 2022 State of the Public Cloud Security Report, which provides important insights into the current state of public cloud security and where the most critical security gaps are found.

The report, compiled by the Orca Research Pod, includes key findings from analyzing cloud workload and configuration data captured from billions of cloud assets on AWS, Azure and Google Cloud scanned by the Orca Cloud Security Platform from January 1st until July 1st 2022.

The report identifies where critical security gaps are still being found and provides recommendations on what steps organizations can take to reduce their attack surface and improve cloud security postures.

"The security of the public cloud not only depends on cloud platforms providing a safe cloud infrastructure, but also very much on the state of an organization's workloads, configurations and identities in the cloud," said Avi Shua, CEO, Orca Security.

"Our latest State of the Public Cloud Security report reveals that there is still much work to be done in this area, from unpatched vulnerabilities and overly permissive identities, to storage assets being left wide open. It is important to remember however, that organizations can never fix all risks in their environment. They simply don't have the manpower to do this. Instead, organizations should work strategically and ensure that the risks that endanger the organization's most critical assets are always patched first."

The state of public cloud security Crown jewels are dangerously within reach: The average attack path only needs 3 steps to reach a crown jewel asset, meaning that an attacker only needs to find three connected and exploitable weaknesses in a cloud environment to exfiltrate data or hold an organization to ransom.

News URL

https://www.helpnetsecurity.com/2022/09/19/state-of-public-cloud-security/