Last Updated on: 16th May 2024, 05:29 am
A recent study by cloud infrastructure management firm Brainboard.co has highlighted a significant crisis in cloud security. The report reveals that security professionals are devoting 80% of their time to addressing emergencies caused by security misconfigurations in cloud systems that could have been prevented.
The analysis indicates that cloud security systems face an onslaught of approximately 500 security alerts each week. Given the average cost of a cloud data breach surpassing $4 million, this level of alert fatigue is a critical issue for the industry, leaving little room for security teams to implement proactive strategies that could bolster their organisation’s security stance.
Human Error
Human error is a principal factor in cloud security breaches, responsible for 55% of incidents. The report also notes that over 60% of cloud and DevOps engineers hold junior positions, potentially leading to inadvertent security vulnerabilities.
Chafik Belhaoues, co-founder & CEO of Brainboard, commented: “This statistic makes it abundantly clear that relying solely on human vigilance in a complex cloud environment can lead to severe consequences.
“The fact is, organizations simply cannot afford to wait to be hacked before taking action, and taking a reactive approach is extremely expensive and unsustainable, especially with modern and sophisticated attack systems.
“The only way to remedy that is to adopt a proactive approach to security in a way that helps engineers build secure-by-design systems.”
Proactive Security in the Cloud
Chafik recommends several strategies for adopting a more proactive security approach.
He added: “The first big step to implementing proactive security for cloud architectures is to have an internal approved and secure library of building blocks that engineers can build with.
“Secondly, having a short security feedback loop that is close to users, such as ‘security shift left’, helps them build secure-by-design patterns.
“Finally, you can limit the blast radius by building isolated small cloud infrastructures. This reduces the impact to only the scoped environments or stacks.”
For additional details on securing your cloud infrastructure, visit www.brainboard.co.