There is growing interest in using Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) for application development. As Vectra AI’s latest report shows, the benefits of the cloud must be weighed against the security risks of increasingly complex and scalable deployments, especially in public cloud services such as Amazon Web Services (AWS ).
Vectra AI examined how organizations manage the security of their implementations in AWS. 70% of companies surveyed were large companies with more than 1,000 employees. All have faced a security incident in their cloud environment. Here are the main conclusions:
- Companies are investing heavily in security-related operations. More than half of the companies surveyed employed double-digit numbers of employees in security operations centers (SOCs). The increase in the number of employees is also confirmed by other data sources and indicates a continuous increase in the salaries of security analysts, who are currently in high demand.
- Security and DevOps personnel try to be proactive and preventative in their role. They want to be able to predict potential threats or vulnerabilities before hackers spot them.
- The risk increases exponentially as more and more people gain access to the AWS environment. The challenges of secure cloud configuration are expected to continue to increase in the near future due to the size, scale, and continuity of change.
- Organizations are looking for more control over AWS services. If there’s no way to monitor a particular service, security teams have no way to verify that the service isn’t being used by hackers, revealing a huge blind spot.
- The cloud has grown so big that it’s nearly impossible to configure securely and reliably these days. Nearly a third of organizations surveyed do not have formal confirmation procedures before going live, and 64% roll out new services every week or more.
- You need a solution that will provide comprehensive security in various areas. Security professionals want the automation of operations to increase efficiency. Increasing the workload with additional manual tasks will only slow them down.
Specialists complain about the lack of tools
36% of people in the Vectra AI study are people in security positions. As the study revealed, security engineers are looking for comprehensive navigational dashboards that provide a holistic view of a company’s infrastructure and unwanted activity. They want to be more efficient when it comes to rolling out new features and bug fixes, and helping developers deploy, compile, and release software. They are frustrated by crises that consume company resources and are preventable. They also want to be proactive, avoid unnecessary and reactive work.
71% of respondents use more than four services, making them even more vulnerable to attacks. Only 29% use three AWS services – S3, EC2, IAM. 64% of DevOps respondents implement new services at least once a week.
Whatever their role, all security professionals need tools to help them use their time wisely and prioritize, prevent security incidents and anticipate attackers’ movements.
– Many modern tools only cover a fraction of the services implemented by most organizations. Our Vectra Detect for AWS uses artificial intelligence to automatically detect, prioritize, and stop advanced attacks targeting global AWS environments. It helps DevOps migrate, develop and deploy more applications confidently with high speed, flexibility and scalability. In turn, thanks to the threat detection and response capabilities integrated in the cloud, this reduces the risk of attackers using AWS services – explains Christian Putz, Country Manager of Vectra AI.
No implementation confirmation procedure before going into production
Due to the size, scale, and constant changes in workloads and infrastructure, setting up the cloud securely will remain a very challenging task.
30% of organizations surveyed don’t have a formal implementation confirmation process before going live, and 40% admit they don’t use DevSecOps workflows. This shows that the cloud has grown so much that it is almost impossible to set it up securely. And while multiple apps can be configured to reach the right services, with the number of people who have access to modify both apps and services, the risk is multiplied by an order of magnitude.
No holistic solutions
40% of organizations surveyed say they use AWS in three or more areas.
Native Cloud ISP threat detection tools require a console for each region, so security professionals must manually investigate the same threat in each regional console. Additionally, native tools frustrate those who attempt to automate activities and can increase the risk of a successful security breach.
A secure and reliable cloud setup will continue to test the ability of many organizations to defend against today’s attacks. Legacy endpoint security tools are routinely bypassed by cybercriminals, and the new cloud landscape is the Wild West for cybercriminals.
As organizations will not abandon the cloud, controlling security risks must remain a priority.