Security News > 2022 > December > Dealing with cloud security shortfalls
"Several years ago in cybersecurity, companies realized that the single greatest threat vector was the individual end user. So, the focus shifted from perimeter and end-point security to automatically applying security at the user level," said Jeff Kukowski, CEO of CloudBolt.
"I think this new report reveals a similar parallel in cloud security. Macro solutions that don't make cloud security automatic at the individual, cloud-provisioning 'moment of truth' create lots of opportunity for exposure and leave enterprises only 'somewhat, sometimes' secure. I predict 2023 will be the year we see significantly more focus on shoring up these current cloud security shortfalls. It's a very solvable problem when you apply the right approaches," Kukowski continued.
Respondents primarily attributed shortfalls in cloud security at the user level to a growing multi-cloud skills gap and over-reliance on cloud-native security and monitoring tools.
As revealed in a previous CII study, there simply aren't enough people with the necessary skills across all major cloud platforms to effectively address the biggest cloud challenges - including security.
Each is fraught with limitations that create the "Somewhat, sometimes" security issues at the user level.
"But in a multi-cloud world, the unique nuances of settings and required knowledge between each major cloud create plenty of opportunities for errors, omissions, and mistakes by individuals. And monitoring tools alone cannot provide proactive and automatically applied guardrails. Companies appear to have been lulled into a false sense of security. The reality is that proper security processes, protocols and best practices must be built into cloud workloads up front to prevent missteps from happening in the first place. Not somewhat or sometimes - fully and all the time," Kukowski concluded.
News URL
https://www.helpnetsecurity.com/2022/12/22/dealing-with-cloud-security-shortfalls/
Related news
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- AWS unveils cloud security IR service for a mere $7K a month (source)
- Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security? (source)
- Best CSPM Tools 2025: Top Cloud Security Solutions Compared (source)
- CrowdStrike vs Wiz: Which Offers Better Cloud Security and Value? (source)
- CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01 (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)