Navigating the Expanding Cloud Attack Surface

Don't Let Today's Security Gap Become Tomorrow's Headline. While cloud technology is not new, and many organizations have been on their cloud journey for years, cloud service providers continue evolving with new features and services. Fast change and growth make it difficult for many organizations to catch up and inadvertently introduce security weaknesses. In the latest Cloud Threat Report, Unit 42™ analyzed 680,000+ identities across 18,000 cloud accounts and over 200 different organizations. They found: - Threat actors are getting smarter. With cloud usage on the rise and cloud technologies continuing to mature, threat actors are getting smarter and more powerful every day. They’re learning from new security strategies and finding creative ways to work around them, exploiting hidden weak spots and using vulnerabilities to their advantage. - MFA is not enforced for cloud users. 76% of organizations don’t enforce MFA for console users, and 58% of organizations don’t enforce MFA for root/admin users. - Attacks on software supply chains are on the rise. The prevalence of open-source usage and the complexity of software dependency make securing the software supply chain difficult. - Unpatched vulnerabilities continue to be low-hanging fruit for attacks. 63% of the codebases in production have unpatched vulnerabilities rated high or critical), and 11% of the hosts exposed in public clouds have high or critical vulnerabilities. What we learned throughout our research is that threat actors have become masters at exploiting common oversights in cloud security. Register now to our webinar to stay protected from cloud threats.