Cloud use increases attack surface up to 100-fold; companies fail to keep up with flood of threats

Companies’ attackable surface area has increased by a factor of two to 100 as CIOs have started migrating corporate information from traditional data centers to cloud infrastructure, boosting server workloads, according to recent research.

Of those who reported an increase in server workloads when they moved to the cloud, a third of respondents said they doubled the number of server instances compared to their traditional data centers. A quarter reported the number of server instances to be five times higher in the cloud than in their traditional data centers.

Almost all CIOs said they must create, modify or retire server workloads anywhere from two to 100 times more frequently in cloud infrastructure environments than in their traditional data centers.

At the same time, security staff remain the same size, and many are still not automating security controls on cloud workloads, authors of the study say. Some 85 percent of IT security professionals said security team hiring has not kept up with the rate at which new server workloads are created, changed or retired in the cloud.

Only 28 percent of the security professionals surveyed are leveraging a full suite of tools to secure and audit cloud server workloads automatically when configuring and deploying them, while 35 percent are not automating security for configuration or deployment at all. The security tools they most commonly automate are firewalls, segmentation tools and intrusion detection tools.

“Organizations rarely increase the size of their security teams at all, much less enough to keep up with the higher scale and pace,” said Carson Sweet, CTO of CloudPassage, cited in the research. “While organizations have started to understand that cloud infrastructure can deliver faster development, deployment, and innovation cycles, many are not thinking about the related impact to security operations. It only takes one compromise to derail adoption of these new technologies and wreck the value they otherwise could have added.”

Gartner recently predicted that the cloud will most commonly be used in a hybrid manner by 2020, according to a report cited by Business Insights, emphasizing that operating entirely off the cloud will largely disappear by the end of the decade.

Cloud adoption and the widespread use of hybrid infrastructures will bring unknown security challenges that CIOs have to prevent by adopting breakthrough technologies able to fight zero-day exploits, Advanced Persistent Threats, and other devastating types of cybercrime.

"Information security teams and infrastructure must adapt to support emerging digital business requirements, and simultaneously deal with the increasingly advanced threat environment," said Neil MacDonald, vice president and Gartner Fellow Emeritus, as cited by Business Insights. "Security and risk leaders need to fully engage with the latest technology trends if they are to define, achieve and maintain effective security and risk management programs that simultaneously enable digital business opportunities and manage risk."

Gartner states in its “Host-Based Controls for Server Workloads Ready for Hybrid IT” report, published in April 2016:

“Platform, hypervisor and OS integrity checks are excellent controls for systems over which you have lost end-to-end control, such as in colocated systems. Additionally, this control can, to some extent, defend against certain high-impact malware. Furthermore, it is currently the only safeguard that can verify the integrity of a (formerly) trusted hypervisor. Thus, this control is most feasible for application architectures where the integrity of the hypervisor or of the hardware is of any concern (e.g., high-risk applications in colocated systems or, where supported, public clouds).”

Bitdefender has solved the technical challenges of creating a solution to the root problem, giving datacenter owners the ability to know what they don’t know, and act on information from below the operating system. It is the only security company that provides security at the ring -1 level.