As we begin 2024, the cloud security landscape continues to change, and staying ahead of the curve is always a priority. Cado Security predicts a number of trends that we foresee being a focus in the upcoming year, including:
- Increased security of cloud service provider defaults
- Increased interest in application-level security
- Third party risk
- IoT’s impact on cloud security
- A deeper focus on cloud security including forensics and incident response
- And more…
Here are our top 7 cloud security predictions for 2024:
1. Continuous Enhancements in CSP Secure Defaults
This year, data will continue to migrate to the cloud, attracting more adversaries. However, Cloud Service Providers (CSPs) are actively strengthening their defenses, for example by improving their security defaults. Notably, AWS’ initiatives to better secure the defaults for its products, including S3 and EC2, and particularly the default blocking of public AMIs, show AWS taking proactive measures against potential threats. These improvements help strengthen the initial line of defense. CSPs are also moving to introduce security for resources deployed with other service providers, delivering a level of cross-cloud support and capabilities. For example, AWS’ launch of IAM Roles Anywhere allows containers on other CSPs’ services to obtain IAM credentials.
2. Rising Emphasis on Application-Level Security
In many recent breaches, we’ve seen the compromise of access keys and vulnerable applications, such as in those involving the MOVEit vulnerability. We feel that in 2024, we will see a shift towards reinforcing application-level security and implementing more stringent access controls. This increased emphasis seeks to mitigate security incidents stemming from exploited vulnerabilities and the persistent issue of stolen access keys, which were predominant factors in numerous cloud breaches in 2023.
3. More Concerns on Third-Party Risk
The expanding digital landscape raises concerns about supply chain risks. Digital transformation corresponds to an increase in the size of the attack surface, especially within the cloud ecosystem. Consequently, with supply chains becoming more frequent targets, such as in the 2023 Okta Breach, organizations should prioritize rigorous risk assessments to ensure that partners and vendors adhere to stringent cybersecurity standards. Mitigating third-party risks becomes paramount in safeguarding interconnected networks against potential breaches.
4. IoT’s Impact on Cybersecurity
The continued interconnectedness of IoT devices and their proliferation, notably in sectors like manufacturing and critical infrastructure, highlights the pressing need for improved cybersecurity strategies. As IoT devices communicate extensively with the cloud, sectors that have historically lagged in cybersecurity must make an effort to elevate their security postures. This evolution becomes imperative to mitigate the potential risks arising from increased connectivity.
5. Elevated Focus on Forensics and Incident Reporting
There is a clear need for deeper forensics, especially as incident reporting mandates and requirements are increasing in number and scope globally. For example, with the SEC’s new reporting rules just coming into force and other regulations such as GDPR already in effect, organizations need answers fast in the event of an incident. Further, the complexity of modern cyberattacks targeting cloud-based technologies increases the need for forensics capabilities that can help security teams appropriately manage risk across the next generation of services, including containers and serverless resources. There is also a speed factor here. When it comes to incident reporting mandates, security teams need tools that enable speedy investigations.
6. Identity and Access Management Challenges in the Cloud Era
The recent breaches involving platforms such as Okta highlight the complex nature of Identity and Access Management (IAM) in an era increasingly dominated by cloud technologies. The cloud environment, often perceived as a singular, flat network, necessitates a deeper comprehension of IAM complexities to maintain robust security measures. These incidents serve as a crucial reminder that, despite advancements in cloud security technologies, fundamental principles such as IAM must not be neglected.
The challenges Okta has encountered reveal a concerning pattern of persistent attacks focused on the theft of access tokens. These occurrences emphasize the significant value attackers attribute to these tokens, prompting critical questions regarding the measures companies implement to protect these essential access points.
7. Continuing Issues with Cloud Logging and the Cost of Detailed Logs
This year, we’re likely to hear continued debate over the inadequacy of detection and investigative capabilities in responding to high-profile, state-sponsored cyberattacks. It is expected that organizations will incur significant expenses in acquiring access to logs from providers such as Microsoft, a necessity highlighted by past incidents. Moreover, it is foreseen that cyber adversaries will exploit similar vulnerabilities, thereby urging organizations to enhance their investment in cybersecurity defenses.
The cloud security landscape is constantly evolving, and it’s important for organizations to stay up-to-date on the latest trends and threats. By staying vigilant, taking proactive steps to secure their systems, and adopting new technologies, organizations can better protect their assets and mitigate the risks they may face in dynamic cloud environments.