Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Improve end user experience in VDI, DaaS and physical endpoint environments
Vectra AI Reveals Cybersecurity Blind Spots in PaaS and IaaS Environments with Security Survey

Vectra AI released the findings of the PaaS & IaaS Security Survey Report. The report compiled the answers of 317 IT executives all using AWS, 70% coming from organization of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations.

As digital transformation efforts continue, the survey found that AWS is becoming an even more critical component to organizations who are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service. The survey found:

  • 64% of DevOps respondents are deploying new workload services weekly or even more frequently
  • 78% of organizations are running AWS across multiple regions (40% in at least three)
  • 71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc.)

The expansion of AWS services has naturally led to increased complexity and risk with 100% of companies surveyed having experienced at least one security incident in their public cloud environment. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration. Some blind spots the Vectra report uncovered include:

  • 30% of organizations surveyed have no formal sign-off before pushing to production
  • 40% of respondents say they do not have a DevSecOps workflow
  • 71% of organizations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers

Despite these blind spots, the survey showed that companies are taking security seriously. Over half of the companies reported having double-digit security operations center (SOC) headcounts, showing a significant investment in keeping their organizations secure.   

"Securing the cloud with confidence is nearly impossible due to its ever-changing nature," said Matt Pieklik, Senior Consulting Analyst at Vectra. "To address this, companies need to limit the number of attack vectors malicious actors are able to take. This means creating formal sign-off processes, creating DevSecOps workflows and limiting the number of people that have access to their entire infrastructure as much as possible. Ultimately, companies need to provide security holistically, across regions and automate as many activities as possible to enhance their effectiveness."

Vectra has answered this industry need through the creation of Detect for AWS which reduces risk of cloud services being exploited, detects threats against AWS services, and automatically responds to attacks against applications running in AWS.

To learn more about the threats facing today's organizations you can download the full Paas & IaaS Security Survey Report.
Published Wednesday, August 04, 2021 10:32 AM by David Marshall
Filed under: ,
Get This Featured White Paper: The Business Value of Forward Networks
You may also be interested in this white paper: Top 5 Network Issues That a Digital Twin Can Solve in Under a Week
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Customer Connect
Global Digital
DTX
DTW-NA
innovatrix
GISEC
global-digital-cx
vExpert
Calendar
<August 2021>
SuMoTuWeThFrSa
25262728293031
1234567
891011121314
15161718192021
22232425262728
2930311234