Public Cloud Vulnerabilities Abound

Cloud threat defense vendor RedLock created a "cloud security intelligence" team intended to research and identify public cloud threats and advise companies on cloud security best practices. A recent report on the CSI team's initial four months of research findings indicates that public cloud environments are riddled with avoidable threats and vulnerabilities despite providers' efforts to educate their customers, and the situation appears to be worsening. The team analyzed more than five million resources across RedLock's customer environments, and also actively probed the internet for vulnerabilities in public cloud computing environments. What it found were some disturbing holes in organizations' public cloud security practices. "Organizations are still falling behind in effectively protecting their public cloud computing environments," said Gaurav Kumar, CTO of RedLock and head of the CSI team. "As we've witnessed by recent incidents at organizations such as Viacom, OneLogin, Deep Root Analytics and Time Warner Cable, the threats are real, and cyber criminals are actively targeting information left unsecured in the public cloud. It's imperative for every organization to develop an effective and holistic strategy now to protect its public cloud computing environment." The full Cloud Security Trends Report can be downloaded here.