What the 2019 AWS Security Report Tells Us About Preventing a Cloud Data Breach

0
[ This article was originally published here ]

In the wake of the recent Capital One security breach in their cloud environment on AWS, the security community is taking another look at how we approach cloud security. CloudPassage recently shared guidance in our blog, “Capital One Data Breach: Non-Technical Tips To Not Be A Headline”. Here we take a look at how your industry peers are thinking about focusing on what matters by taking a look at the 2019 AWS Security Report. 

CloudPassage has once again partnered with the 400,000-member Cybersecurity Insiders community to explore key concerns and interests related to security and compliance in Amazon Web Services environments. The AWS Security Report for 2019 summarizes survey data on how companies using AWS are responding to security threats in the cloud, and what tools and best practices IT cybersecurity leaders are prioritizing in their move to the cloud.

You can find a link to the full AWS Security Report for 2019 at the bottom of this post, but if you’re looking for key takeaways, here are the top 4:

#1 – Security Concerns Remain High

Nine of 10 cybersecurity professionals (91%) are extremely to moderately concerned about public cloud security.

Despite massive investments in public cloud infrastructure security, the AWS Security Report points out that many cyber security pros still have reservations about the security of sensitive data, systems, and services in the cloud. While AWS offers multiple security measures, you are ultimately responsible for securing your workloads in the cloud according to the Shared Responsibility Model. 

#2 – Blind Spots Persist

AWS Security Report #1 headaches

44% of cybersecurity professionals say that visibility into infrastructure security is their biggest operational headache.

The bottom line is that you can’t secure what you can’t see, and without security visibility into your AWS environment you’re flying blind. The Capital One security breach offers an object lesson. Distributed control and access from anywhere offers efficiencies and also underscores the need to have full visibility into every layer of cloud infrastructure. Visibility into each and across all IaaS accounts is essential for securing the business because each account contains services, data and resources that—if misused or abused—can create significant risk to your company.

#3 – Misconfigurations are Biggest Threat

AWS Security Report #1 threat

The configuration of the AWS cloud platform takes the number one spot in this year’s survey as the single biggest vulnerability to cloud security (62%). Furthermore, 35% of respondents said  they can’t identify misconfiguration fast enough, likely due to the lack of visibility mentioned above. 

While AWS offers extensive security measures, you are still ultimately responsible for the services and resources in your cloud environment, including S3 buckets. Configuration of those resources, and of the roles and policies that mediate access, are key to maintaining a good security posture. As the security community continues to analyze the Capital One data breach it is becoming an illustration of how those permissions and settings can be problematic in subtle ways, requiring careful auditing.

The AWS Security Report shows that security professionals understand the risk misconfiguration represents on even non-production assets. Cloud infrastructure drives an extremely high change velocity and is technically complex, with hundreds of services each offering numerous configuration options. The opportunity for error and oversight is great.

#4 – Traditional Tools Don’t Work

AWS Security Report Legacy tools don't work

Eighty-five percent of respondents confirm that legacy security solutions either don’t work at all in AWS cloud environments or have very limited functionality.

While traditional network and host-based security tools made sense when applications were hosted in static centralized data centers, these legacy security tools and appliances are not designed for the dynamic, distributed virtual environment of the cloud. The Amazon security report both reveals top concerns traditional tools don’t address, and addresses how a sea change in operations driven by cloud means new tools are needed to effectively deal with digital risk. 

Get Full AWS Security Report 2019

As promised, here’s a link to the full AWS Cloud Security Report for 2019. 

These findings will provide you with a starting point to structure your time examining the security of your cloud wisely. The good news is that you are not alone in having these concerns, and as awareness is growing strategies and best practices for addressing these problems are becoming more accessible.

While you’re reviewing the AWS Security Report and thinking about the level of visibility you have into your cloud, consider taking advantage of CloudPassage’s free security posture assessment to get a handle on the security of your AWS and Azure environments in 30 minutes. Our platform protects some of the largest and most high-profile AWS deployments in the world, and we’d be delighted to share what we’ve learned along the way.