Skip to main content

Nearly all cloud environments are vulnerable to security breaches

(Image credit: Image Credit: TZIDO SUN / Shutterstock)

Businesses around the world could be putting themselves at risk by utilising potentially insecure cloud environments.

Research from Accurics found that 93% of cloud environments are vulnerable to breaches, meaning companies of all sizes could be at risk of attack.

It claims that over 30 billion records were exposed during the last two years as a result of cloud misconfigurations such as incorrect settings.

The report also found that most cloud deployments (91%) have at least one network exposure where a security group is left wide open, which is believed to have already led to more than 200 breaches over the past two years. 

Elsewhere, the study noted that one in two deployments have unprotected credentials stored in container configuration files, posing a serious risk as more and more organisations embrace the use of container technology.

 Despite all these risks, many issues are apparently going unchecked, as automated risk detection paired with a manual approach to resolution is creating 'alert fatigue', with only 6% of issues being addressed.

“While the adoption of cloud native infrastructure such as containers, serverless, and servicemesh is fueling innovation, misconfigurations are becoming commonplace and creating serious risk exposure for organizations,” said Accurics Co-founder & CTO, Om Moolchandani.

 “As cloud infrastructure becomes increasingly programmable, we believe that the most effective defense is to codify security into development pipelines and enforce it throughout the lifecycle of the infrastructure. The receptiveness of the developer community toward assuming more security responsibility has been encouraging and a step in the right direction.”  

Mike Moore is Deputy Editor at TechRadar Pro, and has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and ITProPortal.