An overwhelming percentage (90%) of cyber attacks in cloud environments in the past 12 months involved compromised privileged access credentials, according to new research by Centrify, a provider of privileged access management (PAM) solutions. The new study, which surveyed 150 IT decision makers in the U.S., found that 65% of them faced attempts to attack their cloud environments, with 80% of those environments successfully compromised.
To identify how the level of trust in the cloud and the resulting risks around that attack surface have advanced with the migration of companies to remote work due to the social distance imposed by the covid-19 pandemic, Centrify has partnered with CensusWide to research these IT executives. It quickly became apparent that the reliability, availability and scalability offered by the cloud has become essential to keeping organizations up and running and cybercriminals are noticing it.
While the majority (63%) of respondents had the vision to make the move to the cloud three or five years ago, a quarter (25%) of IT executives have only begun their transition to the cloud in the past two years. Almost a third (31%) use hybrid and multi-cloud environments, while 45% use only private cloud and 23% rely on public cloud. Availability was clearly the main benefit of the cloud among respondents (46%), followed by collaboration (28%), cost savings (15%) and scalability (9%).
Despite the predominance of cyber attacks targeting the cloud, the management of environments with multiple clouds was identified as the biggest challenge in the transition to the cloud (36%), followed by the risks of cybersecurity and migration to the cloud (both 22%). In addition, 19% cited maintaining compliance in the cloud as an ongoing problem. “Cybercriminals are capitalizing on our dependence on the cloud and are no longer just hacking. They are connecting, ”said Art Gilliland, CEO of Centrify.
“With almost all attacks on the cloud caused by the theft of privileged access credentials, the security layer must include a centralized PAM solution architected in the cloud, for the cloud. This approach will minimize the attack surface and control privileged access to hybrid environments, even if it evolves post-covid-19 ”, adds Gilliland.
See the original post at: https://www.cisoadvisor.com.br/90-dos-ciberataques-a-nuvem-envolvem-credenciais-de-acesso-privilegiado/?rand=59039
