What expert says on survey on the implementation of cloud security best practices

Tripwire has today released the results of a survey on the implementation of cloud security best practices. Conducted by Dimensional Research last month, the survey evaluated the opinions of 310 security professionals. According to the survey, a number of organizations face shortcomings in monitoring and securing their cloud environments. A majority of security professionals (76%) state they have difficulty maintaining security configurations in the cloud, and 37% said their risk management capabilities in the cloud are worse compared with other parts of their environment. Almost all (93%) are concerned about human error causing accidental exposure of their cloud data. Attackers are known to run automated searches to find sensitive data exposed in the cloud, making it critical for organizations to monitor their cloud security posture on a recurring basis and fix issues immediately. However, Tripwire’s report found that only 21% of organizations assess their overall cloud security posture in real-time or near real-time. While 21% said they conduct weekly evaluations, 58% do so only monthly or less frequently. Despite widespread worry about human errors, 22% still assess their cloud security posture manually.

More information: https://www.tripwire.com/state-of-security/featured/survey-security-configs-cloud/

Experts Comments

August 13, 2020
Niamh Muldoon
Senior Director of Trust and Security EMEA
OneLogin
It is interesting to note the disconnect between the concerns of security professionals, be it towards human error causing accidental exposure of data or their difficulty in maintaining security configurations, and the lack of measures put in place to resolve such issues. Cybersecurity concerns should be seen as a priority within an organisation, and should be a regular conversation topic at board meetings. Conducting regular, automatic audits to assess an organisation’s cloud security.....Read More
It is interesting to note the disconnect between the concerns of security professionals, be it towards human error causing accidental exposure of data or their difficulty in maintaining security configurations, and the lack of measures put in place to resolve such issues. Cybersecurity concerns should be seen as a priority within an organisation, and should be a regular conversation topic at board meetings. Conducting regular, automatic audits to assess an organisation’s cloud security posture and patch vulnerabilities is fundamental to reducing the risk of an attack, as is the implementation of MFA. Indeed, hard tokens, biometrics, or one-time passwords prevent 99.9% of account takeovers.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.