Cloud Security Risks to focus on in 2022

Managing complex hybrid environments

In an ideal world, organizations would be fully on-prem, fully in the cloud, or using a single cloud provider. Sadly, that is not the case: the majority of organizations are using multi-cloud environments, which might be scattered all over the globe, making them a nightmare to secure. Cloud security teams need to be able to secure all of them and visualize risks in a centralized manner. A Cloud Security Posture Management tool is essential in these cases for governance purposes, as a single misconfiguration would be enough to compromise your environment. Additionally, CISOs will have to think about implementing a zero trust security model to make sure that employees can get their work done while remaining secure in a hybrid environment. (This is a huge topic in itself, so I will write more about this shortly.)

Cloud Supply Chain attacks are going to increase

Supply chain attacks are a blind spot in many organizations, and the cloud supply chain is especially vulnerable given the lack of experience most companies have with it. The recent SolarWinds and Colonial Pipeline attacks were sufficient to demonstrate that most companies are unaware of the level of access they have provided their partners into their environments or GitHub repositories. A recent study by Unit 42 demonstrated just how easy it would be for a malicious person to gain access to a CI/CD environment and poison the core code repositories just by taking advantage of a few poor software development practices. The example below shows the flow which the security experts used to simulate a supply chain attack and gain a foothold in the environment.

Software Composition Analysis (SCA) tools

Building on the previous risk, the reason that it is becoming easier and easier to poison the software well is software dependencies. Modern software is built upon software libraries which are usually not scanned to the same extent as the core source code. This is a recurring trend in most supply chain attacks, as attackers go after the supporting software libraries instead of the core source code. Software composition analysis (SCA), which detects insecure software libraries, should be enabled and integrated into the pipeline. This is easier said than done, however, as software libraries can have multiple levels of dependencies, which means security vulnerabilities can come in and remain undetected for huge periods of time. The recent Log4j hack is a perfect example of a software dependency that was so tightly ingrained into most environments that it simply could not be removed.
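The multi-level dependency problem described above, as an added example that is not part of the original article: a small pipeline gate that walks a resolved dependency graph and reports the path that pulls in a flagged library. The package names, versions, graph and advisory ID are all constructed for illustration.

```python
from collections import deque

# Constructed sample data: a resolved dependency graph, as a lockfile would
# describe it. Keys are (name, version); values are direct dependencies.
GRAPH = {
    ("shop-api", "1.0.0"): [("web-framework", "3.2.0"), ("pdf-export", "0.9.1")],
    ("web-framework", "3.2.0"): [("http-core", "2.1.0")],
    ("pdf-export", "0.9.1"): [("template-engine", "1.4.0")],
    ("template-engine", "1.4.0"): [("logging-lib", "2.0.3")],
    ("http-core", "2.1.0"): [("logging-lib", "2.0.3")],
    ("logging-lib", "2.0.3"): [],
}

# Constructed advisory feed: package -> {affected version: advisory id}.
ADVISORIES = {"logging-lib": {"2.0.3": "ADVISORY-PLACEHOLDER-1"}}


def scan(root, graph, advisories):
    """Breadth-first walk from root. Returns one finding per flagged package,
    with the shortest dependency path that pulls it in."""
    findings, seen = [], {root}
    queue = deque([[root]])
    while queue:
        path = queue.popleft()
        name, version = path[-1]
        advisory = advisories.get(name, {}).get(version)
        if advisory:
            findings.append({"package": name, "version": version,
                             "advisory": advisory, "depth": len(path) - 1,
                             "path": [n for n, _ in path]})
        for dep in graph.get(path[-1], []):
            if dep not in seen:  # visit once; also guards against cycles
                seen.add(dep)
                queue.append(path + [dep])
    return findings


def direct_only_scan(root, graph, advisories):
    """What a check limited to direct dependencies would report."""
    return [d for d in graph[root] if advisories.get(d[0], {}).get(d[1])]


if __name__ == "__main__":
    root = ("shop-api", "1.0.0")
    found = scan(root, GRAPH, ADVISORIES)
    for f in found:
        print(f"{f['advisory']}: {f['package']} {f['version']} via {' -> '.join(f['path'])}")
    raise SystemExit(1 if found else 0)  # non-zero exit fails the pipeline stage
```

On the sample graph the direct-only check reports nothing, while the full walk finds the flagged library three levels down and fails the build.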

Taimur Ijlal
