Report: Cloud Risks Increase in First Half of 2019
William Grove Aug 29, 2019
Skybox Security’s recent mid-year update to the Vulnerability and Threat Trends Report 2019 has found that cloud risks are increasing at a similar breakneck speed to investments in cloud technology.
A separate study from IDG has found that upwards of 73 percent of organizations already have a portion of their computing infrastructure in the cloud, a share that’s only set to increase. The drivers behind this growth are clear: its cost-effective, it increases agility, improves efficiency and can be rapidly deployed. But these benefits could prove to be illusory if efforts aren’t taken to include cybersecurity in the decision-making and implementation processes.
The updated Vulnerability and Threat Trends Report 2019 highlights why this needs to change. It shines a spotlight on how new threats have increased opportunities for attackers. Considering just how damaging these threats could be, it’s clear that cybersecurity can no longer be relegated to an afterthought: the CISO needs to have a seat at the table.
Cloud Container Vulnerabilities on the Rise
One of the main takeaways from the report is that vulnerabilities in cloud containers, which create a distinction between virtual servers hosted on a shared machine, have increased by 46 percent in the first half of 2019 compared to the same period in 2018. Looking at the two-year trend of container vulnerabilities published in first halves, container vulnerabilities have increased by 240 percent. Each of these vulnerabilities needs to be visible to the security team and their exposure needs to be understood – without this knowledge, it’s almost impossible for security teams to protect their organizations’ sensitive assets and infrastructure.
Among these new vulnerabilities is CVE-2019-5736, a flaw which allows root code execution (RCE) on a host from a guest OS in a container. It was discovered, exploited and patched in-house but affected many container runtime systems including Docker, Kubernetes, containerd among others. If an RCE vulnerability is exploited, the effects can be devastating. This is particularly true when that vulnerability exists within a container: a system running in a container is internally vulnerable to the guest application with the weakest security and externally vulnerable to management and other software designed to interface with it.
The Dangers of Poor Cloud Cyber Hygiene
Aside from new vulnerability reports, there have also been renewed concerns about the maturity of cloud service vendors’ cybersecurity, and the risk that may be introduced if they have a lack of robust security processes in place.
Improving cyber hygiene in cloud environments comes down to being able to understand what an organization is trying to protect and how well it’s being protected. To answer these questions, it’s critical that security teams have visibility of their entire infrastructure (including all of its third-party and virtualized elements), have contextual insight into all security controls and network paths and can gain a firm grasp on vulnerability exposure within their networks.
If the CISO has the tools and the capabilities required to secure cloud environments, then they will more than earn their seat in the C-Suite. Cloud risks are only going to increase in number and severity as time goes on – the time is now to ensure that cybersecurity is at the forefront of every cloud initiative.
Docker Vulnerability Made Public a Year After First Discovery – Find out what happened when a vulnerability in popular container vendor Docker was published one year after its initial discovery
Capital One Data Breach: What Went Well for the Financial Giant? – An example of how important it is to have strong cyber hygiene; read how data from over 100 million Capital One customers was breached