4 key takeaways from the AWS Cloud Security Report 2019

0

This post was originally published here by  gregg rodriguez.

Many knowledgeable opinions, four key takeaways, one gathering of pros.

The very first AWS re:Inforce conference is upon us.

Thousands of attendees, speakers, and vendors will descend on the Boston Convention Center for the very first AWS-centric security event. If re:Inforce looks anything like other AWS events, you can expect the raw quantity of information to be overwhelming. Pitches, courses, product data sheets, booths – how’s an attendee to get above the noise and focus on what matters?

One way is asking industry peers what they think matters.

CloudPassage has once again partnered with the 400,000-member Cybersecurity Insiders community to explore key concerns and interests related to security and compliance in Amazon Web Services environments.

The report summarizes survey data on how companies using AWS are responding to security threats in the cloud, and what tools and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

You can find a link to the full AWS Cloud Security Report 2019 at the bottom of this post, but if you’re looking for key takeaways, here are the top 4:

#1 – Security concerns remain high


Nine of 10 cybersecurity professionals (91%) are extremely to moderately concerned about public cloud security.

Despite massive investments in public cloud infrastructure security, many cyber security pros still have reservations about the security of sensitive data, systems, and services in the cloud. While AWS offers multiple security measures, you are ultimately responsible for securing your workloads in the cloud according to the Shared Responsibility Model.

#2 – Blind spots persist

44% of cybersecurity professionals say that visibility into infrastructure security is their biggest operational headache.

The bottom line is that you can’t secure what you can’t see, and without security visibility into your AWS environment you’re flying blind. Visibility into each and across all IaaS accounts is essential for securing the business because each account contains services, data and resources that — if misused or abused — can create significant risk to your company.

#3 – Misconfigurations are the biggest threat

Misconfiguration of the AWS cloud platform takes the number one spot in this year’s survey as the single biggest vulnerability to cloud security (62%). Furthermore, 35% of respondents said  they can’t identify misconfiguration fast enough, likely due to the lack of visibility mentioned above. 

As mentioned above, while AWS offers extensive security measures, you are still ultimately responsible for the configuration of the services and resources in your cloud environment, including S3 buckets. Cloud infrastructure drives an extremely high change velocity and is technically complex, with hundreds of services each offering numerous configuration options. The opportunity for error and oversight is great.

#4 – Traditional tools don’t work

Eighty-five percent of respondents confirm that legacy security solutions either don’t work at all in AWS cloud environments or have very limited functionality.

 While traditional network and host-based security tools made sense when applications were hosted in static centralized data centers, these legacy security tools and appliances are not designed for the dynamic, distributed virtual environment of the cloud.  

Grab the full AWS Cloud Security Report 2019 and visit us at AWS re:Inforce

As promised, here’s a link to the full report.

These findings will provide you with a starting point to structure your time at AWS re:Invent wisely. There’s a lot to see and learn, and having a plan will help make sure the event isn’t an endless wander through booths and giveaways. For your convenience, here are links to the list of vendors and schedule of lectures and courses.

While you’re covering the expo floor, be sure to visit CloudPassage at “the most secure booth” on the show floor; booth 443 (seriously). Our platform protects some of the largest and most high-profile AWS deployments in the world, and we’d be delighted to share what we’ve learned along the way and discuss how it can help you.

Photo:Cybersecurity Insiders