Cloud insecurity: leaving the keys in the door?

The cloud is now a mainstream technology across both the public and private sectors. Its flexibility and scaleability are attractive to organisations of all sizes, and early concerns about security have been addressed. Or have they? There is growing evidence that data breaches and attacks, such as ransomware, are exploiting gaps in cloud security. All too often, this is because security measures have not been deployed, or cloud resources are misconfigured. And bad actors can exploit those...

The cloud is now a mainstream technology across both the public and private sectors. Its flexibility and scaleability are attractive to organisations of all sizes, and early concerns about security have been addressed.

Or have they?

There is growing evidence that data breaches and attacks, such as ransomware, are exploiting gaps in cloud security.

All too often, this is because security measures have not been deployed, or cloud resources are misconfigured.

And bad actors can exploit those gaps, possibly within just minutes.

Research by vendor Qualys, for their Totalcloud Security Research Insights report, found that in some cases, close to two thirds of cloud instances were misconfigured, and half of internet facing assets were not patched.

In his episode, Paul Baird, Qualys’ EMEA CTSO, discusses the findings – and explores what might be behind them – with editor Stephen Pritchard.