Security News > 2023 > June > 95% fear inadequate cloud security detection and response
Although numerous respondents acknowledged employing risky practices and behaviors within their cloud environments, they strongly believe in the effectiveness of their security tools and processes to safeguard their organizations against meticulously planned attacks, according to Permiso.
The survey assessed both the respondents cloud security practices and the scale of their environment, including the number of identities and secrets they manage, response time to an attack, the different methods of access into their environment, and the types of solutions they utilize to help secure their environments.
"We found that most respondents would characterize their response time to an attack to be between 12 and 24 hours. Data from actual production environments and incident responses show that number is more than two weeks. There is a significant disconnect within the survey data we collected and even more significant disparity when you compare that with actual data from cloud environments," added Permiso co-CEO, Paul Nguyen.
While 25% of the respondents use federation to access their cloud environment, only a little more than half of them have full visibility into the access activity of those federated users.
Over 60% of respondents manage at least 1,000 API secrets across their cloud environments, and a 30.9% manage at least 2,000 API secrets.
The Permiso survey found the two most significant categories of tools adopted in the cloud are those that cloud providers offer and cloud security posture management solutions.
News URL
https://www.helpnetsecurity.com/2023/06/27/cloud-environment-security/
Related news
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- AWS unveils cloud security IR service for a mere $7K a month (source)
- Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security? (source)
- Best CSPM Tools 2025: Top Cloud Security Solutions Compared (source)
- CrowdStrike vs Wiz: Which Offers Better Cloud Security and Value? (source)
- CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01 (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)