Skip to main content

Misconfiguration the number one risk to cloud environments

(Image credit: Image source: Shutterstock/bluebay)

Cloud misconfiguration is the number one cause of cloud security issues, according to a new report from cybersecurity firm Trend Micro.

The report claims 230 million cloud misconfigurations occur every day, and that security weaknesses can be found in “several key areas” of cloud-based computing, placing information such as login credentials and sensitive data at risk.

In some instances, IT personnel consult unofficial and misleading tutorials when setting up cloud infrastructure, which serves to exacerbate the problem.

Criminals that prey on cloud misconfigurations usually assault company networks with ransomware, e-skimming and data exfiltration.

In order to mitigate these issues, IT teams can use cloud-native tools, but relying solely on these tools also presents risks, the report says.

“Cloud-based operations have become the rule rather than the exception, and cybercriminals have adapted to capitalize on misconfigured or mismanaged cloud environments,” said Greg Young, Vice President of Cybersecurity for Trend Micro.

“We believe migrating to the cloud can be the best way to fix security problems by redefining the corporate IT perimeter and endpoints. However, that can only happen if organisations follow the shared responsibility model for cloud security. Taking ownership of cloud data is paramount to its protection," he added.