The pandemic focus on work from home in 2021 put the spurs to cloud migration for many businesses, which had to migrate to the cloud almost overnight to support remote workforces. As a result, teleworking has become cloud computing’s killer app during the lockdown – but cybercriminals know this, too.
Clearly, hackers will keep targeting cloud environments as long as they see profit potential in those attacks, so they will be doubling down on targeting cloud infrastructures in 2022.
With that in mind, here are five cloud security developments to expect in the year ahead, and a few suggestions to tackle the challenges they bring.
Cloud Security Trends in 2022
1. Supply Chain Attacks Will Rise
The now year-old Solarwinds attack, where cybercriminals breached thousands of customers by inserting malicious code into software updates, was the canary in the coal mine. Expect hackers to target weak links in the supply chain as a way to breach the cloud and attack better-protected assets.
Tip: Cybersecurity defenders should focus on cutting off attackers’ ability to move laterally by reducing entitlements and privileges for all internal and external identities (including machine identities) that are allowed to access cloud resources
Also see: Top Cybersecurity Companies
2. Cloud Breaches Will Be a Fact of Life
McKinsey & Co. has noted that the pandemic has forced many enterprises to leapfrog years in their use of the cloud during the lockdown period. But it hasn’t been a smooth transition, and security has suffered in some cases; 40% of companies have suffered a cloud-based data breach. In 2022, expect every organization to endure at least one cloud breach.
Tip: Businesses should focus on reducing their cloud attack surface and containing the blast radius if a hacker breaches their security controls. They should invest in tools that provide visibility into cloud identities and give defenders a clear picture of the potential damage that could follow a breach so they can respond quickly and connect with all the stakeholders.
3. Cloud Maturity Will Make a Difference
Companies that are in the early stages of their cloud migration are at a greater risk than those that are optimizing their existing infrastructure. Expect those organizations in the building stages of cloud development to suffer more breaches.
Cloud-native companies have an advantage here, since they typically have a better understanding of the complexities associated with managing the security posture of cloud infrastructures to protect their data and assets, rather than relying on platform providers to step in.
Tip: Cybersecurity professionals should focus on building security controls for identities, access and configurations into their cloud migration roadmap at every stage.
4. Zero Trust Picks Up Speed
“Zero trust” is quickly becoming a buzzword that threatens to lose its meaning, but it hasn’t lost its importance. Having a consistent, uninterrupted security policy guarding who can access data and resources and enforcing least-privilege access is still the key principle for protecting cloud infrastructure. So expect initiatives to leverage zero trust architecture to keep catching on with enterprises.
Tip: Organizations that want to enforce zero trust and least privilege in the cloud need to manage network policy, identity and access permissions, and resource configurations. They need to put practices into place that provide comprehensive visibility into all three to better manage the threat.
5. Machine Identities Will be an Achilles Heel
Organizations have become wiser about improving security among their users by leveraging multi factor authentication (MFA) and single sign-on (SSO) to prevent credential abuse and mishandling. As more organizations improve security on the human front, cybercriminals will look to open new fronts by targeting machine and service identities. These have already been exploited in almost every cloud breach to help attackers access data or move laterally within systems. This is primarily because machine and service identities are created by developers to enable other functions and that are outside the wheelhouse of cybersecurity.
Tip: This needs to change. Faced with a shortage of cyber security talent, organizations need to leverage tools that can serve as a force multiplier for security staff. Automation can help with cybersecurity by identifying and prioritizing the risks connected to machine identities and their entitlements, as well as automating the remediation of those risks.
The remote work genie is refusing to go back in the bottle. Even after the pandemic becomes a memory, employers expect a number of their staff will remain remote in some manner. Meanwhile, cloud usage will continue to accelerate and so will attacks against service provider platforms and the data they contain. The year 2022 needs to be the year for getting cloud security basics right.
About the Author:
Shai Morag is the CEO of Ermetic