Vectra AI report reveals cybersecurity blind spots

A report by Vectra AI finds 100% of companies have experienced a security incident, but continue to expand, as 64% report deploying new AWS services weekly

The past year has led to organisations rapidly embracing digital transformation and resulted in the evolution of a hybrid infrastructure that combines on-premises and cloud-native architectures. 

Vectra AI, a leader in threat detection and response, today released the findings of the PaaS & IaaS Security Survey Report. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organisations.

As digital transformation efforts continue, AWS seems to be becoming an even more critical component to organisations. The survey found:

  • 64% of DevOps respondents are deploying new workload services weekly or even more frequently
  • 78% of organisations are running AWS across multiple regions (40% in at least three)
  • 71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc.)

 

Developing blind spots

 

The cloud has changed security, while organisations are left with blind spots, the expansion of AWS services has naturally led to increased complexity and risk. In fact, all of the companies surveyed have experienced at least one security incident in their public cloud environment in the last 12 months. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration. Some blind spots the Vectra report uncovered include:

  • 30% of organisations surveyed have no formal sign-off before pushing to production
  • 40% of respondents say they do not have a DevSecOps workflow
  • 71% of organisations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers

Despite these blind spots, the survey showed that companies are taking security seriously. Over half of the companies surveyed reported double-digit security operations center (SOC) headcounts, showing significant investment in keeping their organisations secure. 

 

“Securing the cloud with confidence is nearly impossible due to its ever-changing nature,” said Matt Pieklik, Senior Consulting Analyst at Vectra. “To address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible. Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness.”

Securely configuring the cloud with confidence will continue to test many organisations’ ability to defend against attacks. Defending against threats like ransomware, account takeovers, and supply chain attacks requires a new way of thinking. As organisations continue to adopt cloud for all of the speed, scale, and connectivity benefits that come with it, accounting for security risks must remain a priority.

 

Share

Featured Articles

Secure 2024: AI’s impact on cybersecurity with Integrity360

With 2023 seeing increased AI in cybersecurity, and rising cyberattacks, Integrity360 leaders consider what the 2024 cyber landscape will look like

IT and OT security with Ilan Barda, CEO of Radiflow

Cyber Magazine speaks with Radiflow’s CEO, Ilan Barda, about converging IT and OT and how leaders can better protect businesses from cybersecurity threats

QR ‘Quishing’ scams: Do you know the risks?

QR code scams, or Quishing scams, are rising and pose a threat to both private users and businesses as cyberattacks move towards mobile devices

Zero Trust Segmentation with Illumio’s Raghu Nandakumara

Network Security

Is the password dead? Legacy technology prevents the shift

Network Security

Fake Bard AI malware: Google seeks to uncover cybercriminals

Technology & AI