Human Factor Tops Cloud Threats in Cloud Security Alliance Report – THE Magazine

Cyber ​​Security

Human Factor Tops Cloud Threats in Cloud Security Alliance Report

The No. 1 cybersecurity threat in the cloud has changed from what it was two years ago, according to a new report from the Cloud Security Alliance (CSA), which offers useful mitigation strategies and suggests that artificial intelligence could help (or hurt).

CSA recently published its report on the top threats facing cloud computing in 2024, which includes interesting data compared to a similar report released in 2022.

When comparing the two, it turns out that one familiar criminal has risen to the top threat rank: humans. Specifically, in 2024, the problem of misconfiguration and inadequate change control has overtaken the problem of identity and access management (IAM).

“Traditional cloud security issues often associated with cloud providers continue to decline in importance,” said a spokesperson for Virtualization & Cloud Review. “These findings continue the trajectory first seen in the 2022 report, coupled with the fact that threats such as the persistent nature of misconfiguration, identity and access management (IAM) vulnerabilities, insecure application programming interfaces (APIs), and the lack of a comprehensive security strategy continue to rank high, highlighting their ongoing critical nature.”

ongoing problem

This finding is not new, as a recent report by Thales came to the same conclusion, along with several other similar studies (see “Cloud Security: Despite All the Technology, It’s Still People”).

In its Cloud Security Report released last month, the fourth in a series by the global technology company, Thales said: “Human actions can compromise security. This concern is heightened by the high number of cloud data breaches, with 44% of respondents reporting such incidents. 14% reported a breach in the past 12 months. Human error, issues with vulnerability and configuration management, and failure to use multi-factor authentication (MFA) were also cited as the main causes.”

Other reports earlier this year covered similar topics (see: “Misconfigurations Still a Barrier to Cloud Security, New Report Says”).

At the time, the CSA chart showed that security configuration errors were the second leading cause of outages, after cloud service provider issues.

This has been a persistent and prominent problem for years, and despite all the publicity and mitigation advice it shows no signs of abating.

Configuration management has been a cornerstone of organizational capability maturity for decades, but the shift to cloud computing has exacerbated the challenges, so adopting more robust cloud-specific configurations is critical, the CSA said. Misconfigurations can have wide-ranging impacts across the enterprise given the constant network access and endless capacity of the cloud, the group said.

“It is tempting to think that the reason the same issues have remained at the top since the last report was released is due to a lack of progress in securing these features,” said Michael Rosa, co-chair of CSA’s Key Threats Working Group and one of the lead authors of the research paper. “However, the bigger picture speaks to the importance organizations place on these vulnerabilities and the degree to which they are working to build more secure and resilient cloud environments.”

Here's what the Canadian Space Agency says about the three biggest threats coming in 2024:

Identity and Access Management (IAM): Previously ranked first, now ranked second. Challenges such as replay attacks, impersonation, and excessive permissions persist in cloud environments, similar to on-premises. However, the shift toward self-signed certificates and poor cryptographic management raise significant security concerns. The focus on implementing zero-trust architecture and software-defined perimeters (SDP) reflects the prominence of these issues in survey respondents’ priorities. Insecure interfaces and APIs: Moving from second to third place, microservices adoption highlights the critical importance of securing interfaces and APIs. Despite their pivotal role in cloud services, including SaaS and PaaS offerings, significant challenges remain in securing these elements due to programmer incompetence and the ever-present nature of the cloud. Inadequate Cloud Security Strategy: This area remains in fourth place, and continues to raise the question: Why do security planning and design challenges persist? Cloud computing has moved beyond its novelty status, requiring a clearly defined and implemented architectural strategy.

Future outlook

This is what the organization expects for the future:

Increasing attack sophistication: Attackers will continue to develop more sophisticated techniques, including artificial intelligence, to exploit vulnerabilities in cloud environments. These new technologies will require a proactive security posture with continuous monitoring and threat hunting capabilities. Supply chain risks: The increasing complexity of cloud ecosystems will increase the attack surface for supply chain vulnerabilities. Organizations will need to extend security measures to their vendors and partners. Evolving regulatory landscape: Regulators are likely to implement stricter regulations on data privacy and security, requiring organizations to adapt their cloud security practices. The rise of ransomware-as-a-service (RaaS): RaaS will make it easier for unskilled actors to launch sophisticated ransomware attacks against cloud environments. Organizations will need robust data backup and recovery solutions along with strong access controls.