Sep 30, 2022

Identity And Credentials Management A Top Cloud Security Threat, CSA Finds

Written By

Kevin Kumpf

Accelerated cloud adoption across organizations has brought about significant business benefits, including improved scalability, agility and new innovations. But the cloud has also introduced new security threats and risks. To ensure the advantages of the cloud eclipse the security vulnerabilities, it is crucial that security and IT teams not only recognize the emerging threats but also take action to mitigate them.

To help with the task at hand, the Cloud Security Alliance (CSA) recently published a report on the “Top Threats to Cloud Computing”. This was the sixth year the report was published, and this latest edition includes insights and recommendations related to cloud environment security based on in-depth surveying and research with 700 industry experts. In this article, we will review CSA’s main findings and add our own recommendations for easy implementation of their suggestions.

The Top 11 Cloud Security Threats for 2022

The top 11 threats identified by the CSA and the experts working group are:

  1. Insufficient identity, credentials, access, and key management

  2. Insecure interfaces and APIs

  3. Misconfiguration and inadequate change control

  4. Lack of cloud security architecture and strategy

  5. Insecure software development

  6. Unsecured third-party resources

  7. System vulnerabilities

  8. Accidental cloud data disclosure

  9. Misconfiguration and exploitation of serverless and container workloads

  10. Organized crime/hackers/APT

  11. Cloud storage data exfiltration

We will focus here on the number one threat – insufficient identity, credentials, access, and key management, and also touch upon threat number six – unsecured third-party resources. Our goal is to help security and IT professionals plan their strategy, choose the best tools, and ensure smooth operations and business continuity at all times.

The Biggest Risk to Cloud Security: Insufficient Identity, Credentials, Access, and Key Management

To be exact, CSA found that the number one cloud security risk is insufficient identity, credential and access management. This includes “tools and policies that allow organizations to manage, monitor, and secure access to valuable resources. Examples may include electronic files, computer systems, and physical resources, such as server rooms or buildings.” These vulnerabilities put organizations at risk of data exfiltration, compromise, data mismanagement or account takeover.

CSA lists the following business consequences that could result from identity-related vulnerability:

  • Negative business performance and productivity due to reactive and overly restrictive lockdowns

  • Employee testing fatigue resulting in a lack of compliance and apathy to security

  • Data replacement or corruption vs. exfiltration by unauthorized or malicious users

  • Loss of trust and revenue in the market

  • Financial expenses incurred due to incident response and forensics

  • Ransomware and supply chain disruption

How a Secure Connectivity Solution Can Help

One of the key takeaways is CSA’s recommendation to follow zero trust. Specifically, “robust zero trust layer requires more than simple authentication for discrete users and application-based isolation.”

But what should a secure connectivity solution include beyond simple authentication?

  • A perimeter-less environment – In today’s distributed work landscape, the traditional network perimeter has dissolved. It is users and identities who form the new perimeter. A secure access management solution should put identity front and center and empower organizations to create security and permissions policies that are identity-based.

  • A modern authentication infrastructure – Advanced security relies on advanced authentication. This means using adaptive MFA and cloud SSO across both the cloud and traditional applications. These solutions enable streamlining of uniform security policies across all systems, increasing the security posture. Strong authentication also helps with compliance audits and may be a prerequisite for obtaining cyber insurance.

  • Account Management – Managing multiple user accounts is complex and creates significant overhead. This operational complexity is often solved through sharing access credentials among multiple users, a practice that may be convenient but is also insecure and contrary to compliance regulations. A secure solution will enable centralized and secure user access and connectivity to applications and resources, by replacing credentials with identity-based access. This eliminates unauthorized user access and enables IT and security teams to maintain full control and ownership of accounts and data.

  • Federated Identity Management – Identity management solutions can be difficult to manage. When an enterprise goes through a transition, like cloudification or M&A, the challenge only grows. A secure connectivity solution will enable linking all IdPs and managing security policies from a single, centralized location.

CSA Spotlight: Third-Party Access

The CSA identifies Unsecured Third-Party Resources as another important cloud security vulnerability. Per CSA, third parties include external vendors as well as external applications or OSS. Companies today rely heavily on these supply chain services, which may benefit business operations but also increase the risk of security vulnerabilities and exploitation. After all, any weak link could result in a damaging breach of the entire chain.

A secure connectivity solution can significantly reduce the level of risk introduced by third parties. Such a solution will control the access of third-party users based on the principles of zero trust. Business operations will continue unabated, but the added risk will be cut off. By supporting the management of user identities, permissions and authentications, businesses can continue to enjoy the growth enabled by third-party partnerships while also ensuring security and regulatory compliance.

You can read the entire CSA report here.


Kevin Kumpf

Author

Kevin Kumpf has more than 20 years of IT security and compliance experience, including over 10 years of cybersecurity, governance and critical infrastructure experience working in the energy, medical, manufacturing, transportation and FedRAMP realms. Kevin’s past roles include Director of OT Security (N.A.) for Iberdrola, where he oversaw the security and regulatory compliance of multiple OpCos, and Principal Security and Regulatory Lead for interactions with the NY and NE ISOs, NERC, ISACs as well as state and federal entities. He has also worked internally and as a vendor/consultant at multiple healthcare and manufacturing entities to mitigate the threats they were under in relation to ransomware, insider threats and malware infestation. Today Kevin works as the OT Technical Lead at Cyolo.
