Security News > 2024 > February > Common cloud security mistakes and how to avoid them
According to recent surveys, 98% of organizations keep their financial, business, customer and/or employee information in the cloud but, at the same time, 95% of cloud security professionals are not sure their security protections and their team would manage to detect and respond to security threats or incidents affecting their cloud infrastructure.
Cloud misconfiguration errors may grant attackers unauthorized access to system functions and sensitive data, and have the potential to harm the integrity and security of the organization's cloud.
A frequent cloud security faux pas involves exposing access keys, credentials, and other sensitive information by storing them in plain text or including them into code.
Organizations face substantial risks in cloud security when lacking continuous monitoring, as it allows attackers to exploit weaknesses and remain unnoticed for extended periods.
ESET researchers added another common cloud security mistake: trusting the cloud provider too much.
Closely monitoring user activity and employing a cloud access security broker can enhance threat detection and enforce security policies across cloud applications.
News URL
https://www.helpnetsecurity.com/2024/02/07/cloud-security-mistakes/
Related news
- How AI Is Changing the Cloud Security and Risk Equation (source)
- Strategies for CISOs navigating hybrid and multi-cloud security (source)
- AWS unveils cloud security IR service for a mere $7K a month (source)
- Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security? (source)
- Best CSPM Tools 2024: Top Cloud Security Solutions Compared (source)
- CrowdStrike vs Wiz: Which Offers Better Cloud Security and Value? (source)
- CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01 (source)
- Enhancing visibility for better security in multi-cloud and hybrid environments (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)