Sysdig Reveals Convenience Prioritised In Cyber Security

Nearly every security issue we see is a manifestation of the can that development & operations teams kick down the road, says Sysdig author Anna Belak

Leading cybersecurity firm Sysdig has released its 2024 Cloud-Native Security and Usage Report, the seventh of its kind. The report explores how cloud and containerised environments are used and secured by companies around the world, and outlines fears that organisations are prioritising convenience over preventive security in a bid for fast application development.

“Nearly every security issue we see is a manifestation of the can that development and operations teams kick down the road,” says Anna Belak, Director, Office of Cybersecurity Strategy at Sysdig and one of the report authors.

“Most organisations — in pursuit of faster innovation — prefer to send security teams to sort through the resulting risk management disaster instead of making cleaner DevOps a priority. As long as software teams are incentivised to chase speed over security, they will continue to build insecure systems.”


Anna Belak has nearly 10 years of experience researching and advising organisations on cloud adoption with a focus on security best practices. As a Gartner Analyst, she spent six years helping more than 500 enterprises with vulnerability management, security, monitoring, and DevSecOps initiatives. Belak’s research and talks have been used to transform organisations’ IT strategies, and her research agenda helped to shape markets. As the Director of the Office of Cybersecurity Strategy at Sysdig, Belak’s deep understanding of the security industry helps IT professionals succeed in their cloud-native journey.

Belak holds a Ph.D. in Materials Engineering from the University of Michigan, where she developed computational methods to study solar cells and rechargeable batteries.

Speed in development over secure progress

Key findings from the report include: 

  • Slow AI uptake: 69% of enterprises have yet to embed AI into their cloud environments. While 31% of companies have integrated AI frameworks and packages, only 15% of these integrations are used for generative AI tools such as large language models (LLMs). Considering the risk acceptance described in this year’s report, organisations are ignoring security best practices, yet they are cautious when it comes to implementing AI into their enterprise environments.
  • 91% of runtime scans fail: In shift-left security, organisations scan early and often during the development phase, recognising failed builds, correcting the code, and then redeploying. The goal is to catch issues before delivery, and before they become exploitable conditions for attackers. However, with 91% of runtime scans failing, teams appear to be relying more on threat detection than prevention.
  • Only 2% of granted permissions are being used: Identity management – for both humans and machines – has become the most overlooked cloud attack risk and opportunity for companies to improve their security posture, especially in light of well-known 2023 attacks that took advantage of overly permissive identities. In last year’s report, Sysdig saw 90% of permissions going unused, showing that this trend has worsened year over year. 
  • Shorter container lifespans are not stopping attackers: The homogenous nature of cloud environments and attackers’ use of automation for discovery and reconnaissance give them a near-instant understanding of cloud environments and their opportunities to move laterally. Running vulnerable workloads, no matter how short-lived, leaves organisations at risk of attack.

“Companies across the board are tempted by excessive permissions because they give developers free rein to build software at a faster, unrestricted pace and help drive revenue. The problem with this logic, though, is often only clear in hindsight. In fact, the biggest cyberattack stories of the last year all involved privileged access,” shares Crystal Morin, Cybersecurity Strategist at Sysdig and report author.

“Any organisation ignoring identity risks and allowing excessive permissions across their accounts and users in 2024 is taking a massive gamble. If they make that bet, they better have a powerful real-time threat detection and response strategy in place to back it up.” 

Crystal Morin is a Cybersecurity Strategist at Sysdig tasked with bridging the gap between business and security through cloud and container-focused webinars and papers for everyone from executives to technical practitioners. She was originally a threat research engineer on the Sysdig Threat Research Team, where Morin spent her time discovering and analysing cyber threat actors who took advantage of the cloud. Prior to joining Sysdig, she spent four years as a contractor for Booz Allen Hamilton, researching and reporting on terrorism and cyber threats, having started her career as a linguist and intelligence analyst in the United States Air Force. Morin was responsible for helping to develop and mature Booz Allen’s cyber threat intelligence community and threat-hunting capabilities. 





Cyber Magazine is a BizClik brand 


