Challenges For Cloud-Native Organizations
The need to scale up remotely available infrastructure during a pandemic has given impetus to the digital transformation of businesses. With many companies moving from early planning stages to accelerated cloud infrastructure deployment over the past year. Cloud native infrastructure today isn’t just an another technology trend – it’s also about unparalleled scalability and flexibility in service selection. Unfortunately, most companies focus on efficient process of organization and put too much faith in the security level guaranteed by cloud providers. Often forgetting about the shared responsibility model.
According to a survey of independent analyst agencies – about 60% of companies said that they are more concerned about security since moving to natively hosted cloud technologies. In turn, 56% of companies indicated that they have had a security incident caused by a misconfiguration or an unpatched security vulnerability.
Instead of using local applications and systems that can be accessed remotely, companies have moved to cloud native applications and infrastructure. This technologies leverage cloud-based infrastructure – such as containers, microservices and APIs. To improve scalability and flexibility for companies their are also considered the key to digital transformation.
According to a report by Snyk, organizations that have largely adopted the cloud have encountered more incidents then to companies that have not moved as many business and development processes to the cloud.
These companies most commonly experience:
- Misconfigured accounts – 50%
- Known unpatched vulnerabilities – 45%
- Compliance issues during audits – 21%
- Data leaks – 18%
Malware transmitted from cloud applications – such as shared cloud drives (Box, OneDrive, etc.) – is also on an upward trend. According to a report by Netskope, malware transfers via Office cloud applications account for nearly 16% of all attacks.
“The rise in popularity of cloud applications as a malware delivery channel by cybercriminals is a result of the overall rise in popularity of cloud applications – cybercriminals go where their victims are,”states the Netskope report.
What’s important to note is that the key to properly protecting cloud native infrastructure is automating security tasks. This infrastructure provides a high level of visibility. But it’s nothing when analysts can’t keep up with massively generated events and cursory examination of alerts. Since digital transformation is the cloud – it’s not surprising to see an increase in interest in SOAR or XDR class technologies – which automate security analyst workloads at the appropriate level.