As organizations move their operations to the cloud, they face daunting challenges in ensuring secure configurations and a consistent security posture across multiple cloud services and platforms. Additionally, they must accomplish all of this in a way that doesn't hinder their development teams, which is no easy task. While many organizations are still grappling with these complexities, cloud computing still offers considerable advantages that make these efforts worthwhile.
Cloud Native Application Misconfigurations and Issues
As a result, a number of misconfigurations and issues have arisen as the pace of application development has accelerated. The top five reported issues associated with misconfigured cloud applications and services over the past year include:
● 30 percent external workloads
● 27 percent overly permissive user accounts
● 23 percent misconfigured security groups
● 22 percent overly generous service accounts
● 22 percent unprotected cloud secrets
How organizations can improve cloud security
Nearly every application has at least one vulnerability or misconfiguration that impacts security, and a quarter of those are so serious that it's hard to know where to start. Based on a recent study conducted by ESG, we've rounded up five key areas that organizations should focus on as they refine their cloud strategy by 2024.
Gaining developer support
Simply put, if a security solution gets in the way of how developers work, they won't use it. Depending on the structure of the organization and its cloud adoption, security responsibility typically sits with a dedicated cybersecurity team (31 percent) or with IT operations (20 percent). However, multiple groups are involved in implementing and operating cybersecurity controls.
In terms of day-to-day usage, DevOps jumps to 45%, second only to cybersecurity teams (56%). A solution that gives visibility into roles and policies can help these teams collaborate better, streamline their efforts and reduce duplication.
Integrating Security Processes and Controls Through DevOps Processes
There is a growing effort to integrate security tools into development practices, especially around controls for the tools that manage the SDLC, including the CI/CD phase. Currently, more than half (57%) of organizations say they have integrated security into their DevOps processes to some degree. Additionally, 47% of respondents found that the most effective measure to improve security for cloud-native applications is the use of infrastructure-as-code (IaC) templates and third-party solutions to identify and correct misconfigurations before deploying new code to production environments.
Addressing scale with CSPM
One of the biggest cloud security challenges is maintaining security consistency across an enterprise's data center and public cloud environments. While most organizations use the cloud service provider's (CSP's) own security features and functionality to make the most of that platform's architecture, 46% use third-party cloud security posture management (CSPM) solutions.
With a neutral CSPM offering, they can manage applications across multiple cloud environments to drive cross-platform consistency. Its integrated dashboard provides a unified view for assessing risk. Key business drivers for using CSPM include addressing the large number of assets residing in the cloud, preparing for security incidents, and meeting best practices for configuring cloud workloads and using APIs.
Don't ignore entitlements when defining roles, access and permissions
When it comes to managing cloud authorization, most organizations believe they understand user roles and permissions, including who can change the configuration of a record or element. They are most concerned about how easy it is to grant excessive access, and about managing access to mitigate risk. Cloud Infrastructure Entitlement Management (CIEM) is a feature that helps them scale with the right amount of visibility and control. The vast majority of organizations see CIEM as critical in mitigating security risks and may use automated remediation to remove excessive, unneeded and unused permissions and rights.
Consolidating to a CNAPP mindset
As organizations have graduated through the stages of cloud security, they have gathered a catalog of different solutions and are now looking to consolidate into a platform that can connect key pieces of CSPM, CIEM, and intelligence to developer and application security.
A cloud-native application protection platform (CNAPP) connects everything together, reducing the number of misconfigurations and increasing efficiency, which allows security to coordinate with development for faster fixes. In fact, 84% plan to invest in a CNAPP with strong CSPM capabilities.
A complete unified cloud-native security platform
It's clear that security teams are looking for newer, more effective ways to drive action to reduce security risk. By keeping these five key areas in mind, including cutting excessive access and fixing coding issues that make them vulnerable to attack, organizations can maximize their security posture with a fixed level of investment. From a unified platform, security can be visualized and assessed, misconfigurations can be detected, gold standard policies can be modeled and enforced, attacks and insider threats can be prevented, and regulatory requirements and best practices can be adhered to.