Data exfiltration in the public cloud
As a result of increasing digitization and hybrid work models, the use of public cloud is growing significantly, and the data located there becomes the target of cyber attacks with the aim of exfiltrating data. Data storage in a multitude of managed and unmanaged public cloud services requires infrastructure teams to extend visibility into the public cloud, just as they are currently monitoring endpoints and local on-premise servers.
Given that data is beyond the control of the traditional local security perimeter, organizations need to implement new solutions for real-time monitoring in the cloud that can quickly scan the security and configuration posture of various services and suggest remediation according to best practices. See for ex. Trend Micro cloud One conformity scan.
Laminar, a security firm, published the results of the "2022 Security Professional Insight Survey" conducted on AWS re:Inforce in July 2022 and Black Hat in August 2022 on a sample of 415 cybersecurity professionals of which 65.1% stated that they currently have data in the public cloud (Amazon Web Services, Microsoft Azure or Google Cloud Platform). What is troubling is that despite a nearly 26% annual growth rate in public cloud adoption, respondents haven't strengthen the security of that data. As a result, many organizations have no visibility into unauthorized access to data in the public cloud. 38.3% do not know if a third party has successfully exfiltrated their public cloud data in the past six months, and just under 10% have been recently exposed. Attackers are already taking note.
Learn more at Help Net Security.