Security News > 2024 > August > Misconfigurations and IAM weaknesses top cloud security concerns

Traditional cloud security issues often associated with cloud service providers are continuing to decrease in importance, according to the Top Threats to Cloud Computing 2024 report by the Cloud Security Alliance.
"It's tempting to think that the reason the same issues have remained in the top spots since the report was last issued stems from a lack of progress in securing these features. The larger picture speaks to the importance placed on these vulnerabilities by organizations and the degrees to which they are working to build ever more secure and resilient cloud environments," said Michael Roza, co-chair, Top Threats Working Group.
Evolving regulatory landscape: Regulatory bodies will likely implement stricter data privacy and security regulations, requiring organizations to adapt their cloud security practices.
"Given the ever-evolving cybersecurity landscape, it's difficult for companies to stay ahead of the curve and mitigate their financial and reputational risks. By bringing attention to those threats, vulnerabilities, and risks that are top-of-mind across the industry, organizations can better focus their resources," said Sean Heide, Technical Research Director, Cloud Security Alliance.
In creating the Top Threats to Cloud Computing 2024 report, the Working Group conducted research in two stages, both of which used surveys to gather the thoughts and opinions of cybersecurity professionals concerning the most relevant threats, vulnerabilities, and risks of security issues to cloud computing.
During the first stage the group created a short list of cloud security issues through in-person surveys of group members; the second stage polled more than 500 industry experts on a short-list of 28 security issues in the cloud industry to compile the final report.
News URL
https://www.helpnetsecurity.com/2024/08/12/cloud-computing-issues/
Related news
- Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security (source)
- Google to purchase Wiz for $32 billion in cloud security play (source)
- Cloud security explained: What’s left exposed? (source)
- Oracle Cloud security SNAFU latest: IT giant accused of pedantry as evidence scrubbed (source)
- What native cloud security tools won’t catch (source)
- Ransomware spike exposes cracks in cloud security (source)
- Cloud providers aren’t delivering on security promises (source)
- There are 10,000 reasons to doubt Oracle Cloud's security breach denial (source)
- Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse (source)
- Observability is security’s way back into the cloud conversation (source)