E-Handbook: Cloud security risks and the countermeasures you need now Article 1 of 4

Assess your cloud security risks and countermeasures

The current cloud security risks, and available countermeasures, demand every cybersecurity pro's attention.

Three years ago, a LogicMonitor survey predicted 83% of enterprise workloads would run in the cloud versus on premises. A recent Nemertes Research study found we're not quite there yet, but it did mark 2019 as the first year cloud workloads outnumbered those conducted on premises.

The COVID-19 pandemic has furthered the enterprise race to the cloud as it became instrumental in keeping employees connected and productive amid lockdowns. Snow Software research found more than 80% of organizations have increased cloud use since the pandemic started, and 60% of respondents said adoption will continue after quarantine restrictions are lifted.

However, the Snow study had a troubling revelation: Only 46% of respondents reported plans to increase cloud security investments, despite a slew of headline-making cloud-based threats:

  • Sixty percent of web application attacks can be attributed to cloud-based email servers, according to the Verizon "2019 Data Breach Investigations Report."
  • Business email compromise attacks that infiltrated U.S. businesses through two cloud-based email services cost companies more than $2.1 billion over five years, per the FBI Internet Crime Complaint Center team.
  • More than 10 million MGM Resorts guests had sensitive data accessed from a cloud server, reported ZDNet.
  • A misconfigured web application firewall was the root cause of the 2019 Capital One breach where more than 100 million customer records were exposed.

Additionally, Gartner predicted that, through 2025, 99% of cloud security failures will be the fault of the customer.

More than ever, organizations must get wise to both cloud security risks and countermeasures that will mitigate them.

This guide aims to help you understand what issues you will inevitably face, and the policies, procedures and technologies to best secure the cloud now: Uncover vulnerabilities in the cloud control plane -- the mix of administrative consoles and interfaces enterprises are responsible for -- and review five steps to best secure it. Then look at the top three challenges of multi-cloud versus single cloud security to get insights on choosing between the two from a security perspective. Finally, learn how to measure cloud security maturity and identify tools to improve the mean time to contain cloud-related security breaches.

Don't let a dark cloud hang over your enterprise deployments. The advice in this guide is instrumental for keeping your cloud infrastructures safe -- and preventing them from becoming a statistic.