New Data Sheds Light on What Can be Learned from Attacks Against Cloud Environments
2014 was a banner year for high-profile security breaches. The Sony hack, big box store data breaches, and the rumblings of problems at the federal government’s Office of Personnel Management all contributed to a problematic year for IT, business and government leaders.
Many of these breaches stemmed from inadequately protected on-premise systems, but what’s been going on with cloud security? For answers look no further than DLT partner, Alert Logic’s newly released 2015 Cloud Security Report.
Alert Logic’s cybersecurity research practice analyzed over one billion events and identified over 800,000 security incidents in 2014, ranging from low to severe (“You are under a targeted attack, deploy countermeasures immediately”). The data was collected from over 3,000 organizations across multiple industries.
Top of the list of cloud security threats was application attack. This occurs when an attempt is made to exploit an application and harm, destroy, or access the data stored in it. Examples include SQL injection and the Heartbleed exploit.
The report goes onto examine how threat profiles in the cloud are defined by your industry, the applications you run, and the data retained. Alert Logic recommends that “Maintaining a solid understanding of the application types deployed, the type of data maintained, and the associated compliance mandates (such as PCI, HIPAA, SOX, etc.) will help to drive the types of security controls and solutions you need to deploy.”
Download the report for more insight as well as tips on how to formulate a plan for the cloud shared security model.