According to a Cloud Security Alliance survey on cloud security issues, insufficient identity, credential, access and key management for privileged accounts is the top concern around cloud cybersecurity. Cloud Security Alliance is a not-for-profit that promotes best practices for cloud computing.
Top issues revealed:
- Insufficient Identity, Credential, Access, and Key Mgt, Privileged Accounts
- Insecure Interfaces and APIs
- Misconfiguration and Inadequate Change Control
- Lack of Cloud Security Architecture and Strategy
- Insecure Software Development
- Unsecure Third-Party Resources
- System Vulnerabilities
- Accidental Cloud Data Disclosure
- Misconfiguration and Exploitation of Serverless and Container Workloads
- Organized Crime, Hackers & APT
- Cloud Storage Data Exfiltration
Conclusions:
- Insufficient Identity, Credentials, Access, and Key Management holds the top spot
- Misconfiguration and Inadequate Change Control previously held the second spot
- Strategy and Architecture … held the third spot
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.