It’s no surprise that attacks in the cloud are increasing. Much of it is simply that the cloud is where more and more of our data resides. But the cloud also represents a unique threat landscape. So, it goes without saying that we’re all on the alert to be extra vigilant with security for our cloud instances. But one mistaken assumption that some organizations are still making is that legacy security measures can be ported wholesale into the cloud.
Containers, microservices and cloud workloads are simply not the same as their on-premises predecessors. So, you’ll be better off architecting your cloud security in tandem with other aspects of your cloud infrastructure. And one of the places where this discrepancy is most apparent is in application security toolsets (more on that later).
Let’s take a look at some recent articles that cover the rise in cloud threats, the in ability of AppSec tools to keep up and more on the state of cloud native security.
Cloud-Focused Attacks Growing More Frequent, More Brazen
According to the 2023 Cloud Risk Report by CrowdStrike, attackers are getting better at avoiding detection. As a result, cloud-focused attacks have seen a significant increase in the past few years. The report finds that exploits that target cloud infrastructure have increased 95% from 2021 to 2022. And the number of cybercriminals targeting cloud environments has increased as well—nearly tripling in the same time period.
Simply put, cybercriminals are growing more sophisticated, brazen and determined in cloud exploits. One key finding of the CrowdStrike report is that cybercriminals are becoming more motivated and adept at targeting enterprise cloud environments. They are leaning in on a growing range of tactics, techniques and procedures, including deploying command-and-control channels on top of existing cloud services, achieving privilege escalation and moving laterally within an environment after gaining initial access.
Legacy AppSec Tools Getting Lost in the Cloud
Writer Nathan Eddy points us to another interesting report on cloud native security. A Backslash survey of 300 CISOs, AppSec managers and engineers found that legacy application security (AppSec) tools can’t keep up with cloud native development and are stuck in a perpetual game of catch up. This insight comes at a time when the pace of application development is soaring, yet InfoSec teams feel they can no longer trust legacy tools for cloud native application security.
One of the standout survey findings was the alarming amount of time that is wasted by inadequate tools. 89% of respondents reported wasted at least a quarter of their workday and 58% reported wasting more than half. This translates into valuable staff hours wasted chasing vulnerabilities rather than proactively establishing the right security policies.
The impact of inadequate tools includes (but is not limited to) employee frustration, friction between teams, issues retaining talent and more.
The State of Cloud-Native Security
In yet another new study on cloud native security, The State of Cloud-Native Security Report 2023 points out a growing anxiety about the frequency and impact of cloud native security incidents. 42% of study respondents reported an increase in the mean-time-to-remediate cybersecurity threats and incidents. This, in return, has resulted in 81% of enterprises embedding security professionals in their development and operations teams. And this is just one way to respond to an influx in cloud-native cybersecurity vulnerabilities. 78% of respondents also report wanting better day-one security from tools.
The study also found that deployment frequency continues to increase, with 77% deploying new or updated code to production weekly and 38% committing new code daily. Writer Bill Doerrfeld points out that “Without security forethought for the deployment process, organizations could miss significant CI/CD vulnerabilities, such as those defined in the OWASP Top 10 CI/CD Security Risks.”