According to Palo Alto, the epicenter of cybersecurity is now more than ever in the cloud. Incorrect configurations and a lack of overview are the main causes.

Eighty percent of the vulnerabilities faced by the average organization are in the cloud. That’s the key conclusion drawn by Palo Alto in a large-scale analysis, the results of which were announced today. The remaining twenty percent of vulnerabilities come from on-premise applications. Despite all the advantages that the cloud can offer, it is becoming an IT Achilles heel for many companies.

It is not surprising that the proportion of vulnerabilities in the cloud is growing. Companies large and small are investing more in the cloud every year. But vulnerabilities don’t just happen. Companies often do not have a sufficient overview of what exactly they need to back up in the cloud.

Lost track

Palo Alto attributes the risk to the high volatility of the cloud. On average, a company changes twenty percent of its cloud applications every month. Constantly switching applications online and offline increases the risk of configuration errors. Qualys has concluded in previous research that misconfigurations are a major threat in the cloud because they expose vulnerabilities.

In addition, the many changes caused security teams to lose track, Palo Alto continued. Almost fifty percent of cloud vulnerabilities are caused by new applications. Increasing the visibility of your IT ecosystem should therefore be a top priority. You can only protect effectively if you know what you need to protect. This sounds logical, but practice shows that this is not so obvious.

Weak websites

Poorly secured websites are still a popular target for attackers. The most common compromises involved Apache servers, unsecured PHP, and buggy versions of JQuery. Remote access services also often appear to contain vulnerabilities. Vulnerabilities were discovered in RDP, Secure Shell (SSH) and Virtual Network Computing (VNC), among others.

Proactive approach

As the IT ecosystem becomes more complex, companies need to be more proactive about their security. The gap between when vulnerabilities are fixed and when attackers exploit them is becoming larger than the Grand Canyon. Attackers often only need a few hours to discover and exploit a vulnerability, while it can take days or sometimes weeks until a patch is available.

Leaving nothing to chance is the golden advice that Palo Alto wants to pass on to everyone who reads the report. Organizations need to have a real-time view of all internet-connected applications and continually monitor them for new threats. Monitoring itself is useless if there is no action plan to address vulnerabilities. Finally, transparency into who is using which application in your organization is planned, coupled with a zero trust policy with appropriate means of authentication.