Trend Micro research finds misconfiguration as number one risk to cloud environments

Trend Micro research finds misconfiguration as number one risk to cloud environments

Trend Micro research finds misconfiguration as number one risk to cloud environments

As more businesses move to use the cloud, the range of cyberthreats increases. Trend Micro is on hand to offer advice on how to tackle these threats.

Trend Micro Incorporated, a global leader in cloud security, has released the findings from research into cloud security, which highlights human error and complex deployments open the door to a wide range of cyberthreats.

Gartner predicts that by 2021, over 75% of midsize and large organisations will have adopted multi-cloud or hybrid IT strategy. As cloud platforms become more prevalent, IT and DevOps teams face additional concerns and uncertainties related to securing their cloud instances.

This newly released report reaffirms that misconfigurations are the primary cause of cloud security issues. In fact, Trend Micro Cloud One – Conformity identifies 230 million misconfigurations on average each day, proving this risk is prevalent and widespread.

“Cloud-based operations have become the rule rather than the exception and cybercriminals have adapted to capitalise on misconfigured or mismanaged cloud environments,” said Indi Sirinwasa, Vice President SSA at Trend Micro. “We believe migrating to the cloud can be the best way to fix security problems by redefining the corporate IT perimeter and endpoints. However, that can only happen if organisations follow the shared responsibility model for cloud security. Taking ownership of cloud data is paramount to its protection and we’re here to help businesses succeed in that process.”

The research found threats and security weaknesses in several key areas of cloud-based computing, which can put credentials and company secrets at risk. Criminals capitalising on misconfigurations have targeted companies with ransomware, cryptomining, e-skimming and data exfiltration.

Misleading online tutorials compounded the risk for some businesses leading to mismanaged cloud credentials and certificates. IT teams can take advantage of cloud-native tools to help mitigate these risks but they should not rely solely on these tools, the report concludes.

Trend Micro recommends several best practices to help secure cloud deployments:

  • Employ least privilege controls: restricting access to only those who need it.
  • Understand the Shared Responsibility Model: Although cloud providers have built-in security, customers are responsible for securing their own data.
  • Monitor for misconfigured and exposed systems: Tools like Conformity can quickly and easily identify misconfigurations in your cloud environments.
  • Integrate security into DevOps culture: Security should be built into the DevOps process from the start.

Browse our latest issue

Intelligent CIO Middle East

View Magazine Archive