The Cloud Security Alliance (CSA), an organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, recently unveiled its “Top Threats to Cloud Computing: The Egregious Eleven,” a report that examines the risks inherent with cloud security.
This year’s study differs from past iterations, CSA said, most noticeably in that many traditional cloud security issues that fall to cloud service providers (CSPs)—denial of service (DOS), shared technology vulnerabilities, CSP data loss, and system vulnerabilities, have dropped off the list.
“This suggests that traditional security issues are either being well addressed or are no longer perceived as a significant business risk of cloud adoption, while those that are the result of senior management decisions around cloud strategy and implementation are of increasing concern,” the organization said.
As part of the research, CSA surveyed 241 industry experts on security issues in the cloud. Its Top Threats Working Group used the survey results along with its expertise to create the final report. Here are the top threats, ranked in order of significance, along with the key business impacts:
The negative consequences of a data breach might include impact on the reputation of the organization and trust of customers or partners; loss of intellectual property to competitors, which might affect product releases; regulatory implications that might result in monetary loss; brand impact, which might cause a market value decrease; legal and contractual liabilities; and financial expenses incurred due to incident response and forensics.
Misconfiguration and inadequate change control
The business impact of a misconfigured item can be severe, the report said, depending on the nature of the misconfiguration and how quickly it’s detected and mitigated. The most commonly reported effect is the exposure of data stored in cloud repositories.
Lack of cloud security architecture and strategy
Regardless of how big or small an organization is, proper security architecture and strategy are required elements for securely moving, deploying, and operating in the cloud. Successful cyber attacks
can have a severe impact on businesses, including financial loss, reputational damage, legal repercussions, and fines.
Insufficient identity, credential, access and key management
Bad actors masquerading as legitimate users can read/exfiltrate,
modify, and delete data; issue control plane and management functions; snoop on data in transit; or release malicious software that appears to originate from a legitimate source. Insufficient
identity, credential, or key management can enable unauthorized access to data and potentially catastrophic damage to organizations.
Account and service hijacking implies full compromise, including control of the account, its services, and data. In such a scenario, business logic, function, data, and applications that rely on the account services are at risk. The fallout from such compromises has been severe at times. Account hijacking consequences include data leaks that lead to reputational damage, brand value degradation, legal liability exposure, and sensitive personal and business information disclosures.
Insider threats can result in the loss of proprietary data and intellectual property. System downtime associated with attacks can negatively affect productivity. In addition, data loss or other customer harm can reduce confidence in company services. Dealing with insider security incidents involves containment, remediation, incident response, investigation, post-incidence analysis, escalation, monitoring, and surveillance, which can add significantly to workload and security budget.
Insecure interfaces and application programming interfaces (APIs)
While most cloud providers strive to make sure security is well-integrated into their service models, it’s critical for customers of those services to understand the security implications associated with the use, management, orchestration, and monitoring of cloud services. Relying on weak interfaces and APIs exposes organizations to security issues related to confidentiality, integrity, availability,
and accountability. The regulatory and financial impacts could be significant.
Weak control plane
A weak control plane might result in data loss, either by theft or corruption. This in turn can lead to a massive business impact, especially if data loss includes private user data. In addition, companies might incur regulatory punishment for data loss. With a weak control plane, users might be unable to protect their cloud-based business data and applications.
Metastructure and applistructure failures
Metastructure and applistructure are vital components of a cloud service, and failures involving these features can have a severe impact on all service customers. At the same time, misconfigurations by the tenant could disrupt the customer financially and operationally.
Limited cloud usage visibility
The risks can include lack of governance, lack of awareness, and lack of security. Malware, botnets, cryptocurrency mining malware, and other threats can compromise cloud containers, which puts organizational data, services, and finances at risk.
Abuse and nefarious use of cloud services
If attackers have compromised the management plane of an organization’s cloud infrastructure, they can use the cloud service for illicit purposes at the customer’s expense. This can be substantial if the attackers consumed substantial resources, such as mining cryptocurrency.