INTELLIGENT BRANDS // Cloud
Trend Micro research finds
misconfiguration as number
one risk to cloud environments
As more businesses move to use the cloud, the range
of cyberthreats increases. Trend Micro is on hand to
offer advice on how to tackle these threats.
Trend Micro Incorporated, a global
leader in cloud security, has released
the findings from research into cloud
security, which highlights human error and
complex deployments open the door to a
wide range of cyberthreats.
Gartner predicts that by 2021, over 75% of
midsize and large organisations will have
adopted multi-cloud or hybrid IT strategy. As
cloud platforms become more prevalent, IT
and DevOps teams face additional concerns
and uncertainties related to securing their
cloud instances.
This newly released report reaffirms that
misconfigurations are the primary cause of
cloud security issues. In fact, Trend Micro
Cloud One – Conformity identifies 230 million
misconfigurations on average each day,
proving this risk is prevalent and widespread.
“Cloud-based operations have become
the rule rather than the exception and
cybercriminals have adapted to capitalise
on misconfigured or mismanaged cloud
environments,” said Indi Sirinwasa,
Vice President SSA at Trend Micro. “We
believe migrating to the cloud can be
the best way to fix security problems by
redefining the corporate IT perimeter and
endpoints. However, that can only happen if
organisations follow the shared responsibility
model for cloud security. Taking ownership
of cloud data is paramount to its protection
and we’re here to help businesses succeed in
that process.”
The research found threats and security
weaknesses in several key areas of cloud-based
computing, which can put credentials and
company secrets at risk. Criminals capitalising
on misconfigurations have targeted
companies with ransomware, cryptomining,
e-skimming and data exfiltration.
Misleading online tutorials compounded
the risk for some businesses leading
to mismanaged cloud credentials and
certificates. IT teams can take advantage of
cloud-native tools to help mitigate these risks
but they should not rely solely on these tools,
the report concludes.
Trend Micro recommends several best
practices to help secure cloud deployments:
• Employ least privilege controls:
Restricting access to only those who
need it.
• Understand the Shared Responsibility
Model: Although cloud providers
have built-in security, customers are
responsible for securing their own data.
• Monitor for misconfigured and
exposed systems: Tools like
Conformity can quickly and easily
identify misconfigurations in your
cloud environments.
• Integrate security into DevOps
culture: Security should be built into the
DevOps process from the start. •
www.intelligentcio.com INTELLIGENTCIO 65