Security News > 2023 > June > 95% fear inadequate cloud security detection and response

Although numerous respondents acknowledged employing risky practices and behaviors within their cloud environments, they strongly believe in the effectiveness of their security tools and processes to safeguard their organizations against meticulously planned attacks, according to Permiso.
The survey assessed both the respondents cloud security practices and the scale of their environment, including the number of identities and secrets they manage, response time to an attack, the different methods of access into their environment, and the types of solutions they utilize to help secure their environments.
"We found that most respondents would characterize their response time to an attack to be between 12 and 24 hours. Data from actual production environments and incident responses show that number is more than two weeks. There is a significant disconnect within the survey data we collected and even more significant disparity when you compare that with actual data from cloud environments," added Permiso co-CEO, Paul Nguyen.
While 25% of the respondents use federation to access their cloud environment, only a little more than half of them have full visibility into the access activity of those federated users.
Over 60% of respondents manage at least 1,000 API secrets across their cloud environments, and a 30.9% manage at least 2,000 API secrets.
The Permiso survey found the two most significant categories of tools adopted in the cloud are those that cloud providers offer and cloud security posture management solutions.
News URL
https://www.helpnetsecurity.com/2023/06/27/cloud-environment-security/
Related news
- Balancing cloud security with performance and availability (source)
- Avoiding vendor lock-in when using managed cloud security services (source)
- Why multi-cloud security needs a fresh approach to stay resilient (source)
- Cloud security gains overshadowed by soaring storage fees (source)
- Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security (source)
- Google to purchase Wiz for $32 billion in cloud security play (source)
- Cloud security explained: What’s left exposed? (source)
- Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed (source)
- How CISOs can balance security and business agility in the cloud (source)
- Cloud providers aren’t delivering on security promises (source)