A new analysis from cloud infrastructure management leader Brainboard.co has exposed a critical situation in cloud security, with professionals finding themselves besieged by security misconfigurations. According to the report, security experts are spending 80% of their time resolving issues that could otherwise be preventable.
On average, cloud security infrastructures receive about 500 security alerts each week. With the average cost of a cloud-related data breach now exceeding $4 million, the industry is facing a serious crisis that leaves professionals with insufficient time to focus on preventive strategies that could significantly enhance their organizations’ security frameworks.
Human Error
A major source of cloud security problems is human error, which is the root cause behind 55% of breaches. The report further highlights that over 60% of cloud and DevOps engineers are at a junior level, which may contribute to unintentional security risks.
Chafik Belhaoues, co-founder & CEO of Brainboard, stated: “This statistic makes it abundantly clear that relying solely on human vigilance in a complex cloud environment can lead to severe consequences.
“The fact is, organizations simply cannot afford to wait to be hacked before taking action, and taking a reactive approach is extremely expensive and unsustainable, especially with modern and sophisticated attack systems.
“The only way to remedy that is to adopt a proactive approach to security in a way that helps engineers build secure-by-design systems.”
Proactive Security in the Cloud
Chafik outlines key steps for organizations to break the cycle of reactive security.
He added: “The first big step to implementing proactive security for cloud architectures is to have an internal approved and secure library of building blocks that engineers can build with.
“Secondly, having a short security feedback loop that is close to users, such as ‘security shift left’, helps them build secure-by-design patterns.
“Finally, you can limit the blast radius by building isolated small cloud infrastructures. This reduces the impact to only the scoped environments or stacks.”
For further information on how to protect your cloud infrastructure, please visit www.brainboard.co.
