Another week and another cloud misconfiguration has hit the headlines. It seems as though a day doesn’t go by where the news cycle doesn’t contain a story relating to a leaky storage bucket or accidentally exposed database due to a security misconfiguration within infrastructure-as-a-service (IaaS). Noted as an end-user mistake, studies show 90 percent of UK data breaches were a direct result of human error, while the Verizon Data Breach Investigations Report revealed that more than 40 percent of all error-related breaches involved misconfigurations.
You only need to be reminded of the devastating 2019 Capital One breach, which impacted over 100 million people and was a direct result of a misconfigured system within the hosted Amazon Web Services cloud architecture - an estimated $150 million mistake that many organizations will want to avoid. The concern is that this critical cloud security issue will continue as more businesses rapidly adopt this technology in the wake of the recent pandemic. Indeed, Gartner predicts that by 2022, roughly 95 percent of cloud security failures will be because of the failure of the customer i.e., misconfiguration mistakes.
Read the full article from Sergio Loureiro: