Palo Alto Networks threat intelligence team Unit 42 recently conducted a survey regarding the shift to cloud computing due to the Covid-19 pandemic and work from home orders. Their latest "Cloud Threat Report" shows that organizations have increased their cloud workload by more than 20% between December 2019 and June 2020. However, cloud cybersecurity events have also risen.
In the second quarter of 2020 alone, incidents in the retail, manufacturing, and government sectors have increased 402%, 230%, and 205%, respectively. The drastic surge is partially due to organizations' inability to automate cloud security.
Previous Unit 42 research showed 65% of publicly disclosed security incidents occurred because of customer misconfigurations. Along with their report, they recommend several steps to take to remediate the issue.
- Awareness: Figure out how your cloud is being utilized and be more aware of what's going on in your cloud environment.
- Security Boundaries: Set rules for misconfigurations that should never happen in your cloud and build from there. Utilize IaC (infrastructure as code) templates if necessary.
- Enforce Standards: The Center for Internet Security has benchmarks in place for cloud computing that can help you standardize security boundaries. Automate these rules with IaC.
- Use Security Engineers Who Code: API drives the public cloud. It can be challenging to use without engineers who know how to code and automate processes using CI/CD (continuous integration/continuous delivery) pipeline.
- Embed Security into DevOps: How does code enter your cloud? Locate the least disruptive insertion points in your CI/CD pipeline and work to minimize human interaction by automating the process as much as possible.