In 2023, the cybersecurity landscape changed in three significant ways. The Securities and Exchange Commission cut the allowed reporting period following a security breach to just four days. Artificial intelligence began to be used in cyberattacks. And after retreating in 2022, ransomware came back stronger than ever.In response to these threats, cybersecurity buyers, vendors, influencers and decision makers worked to improve their practices around ransomware prevention, privacy and third-party risk, vulnerability management, cloud security, and identity and access management. Yet respondents in several CyberRisk Alliance Business Intelligence surveys reported more than a few challenges in meeting these goals.The following is the fourth of a five-part series about how security practitioners struggled or, in some cases, made significant headway throughout 2023. Here, we focus on how the skills gap between attackers and defenders affected cloud security, and how AI might change the game in 2024.
Put together the cloud-related skills and knowledge gap between attackers and defenders with the advent of AI-driven attacks, and we might see a perfect storm of cloud-based and cloud-targeting threats in 2024.Threat actors might use AI to rapidly catalogue an organization’s cloud assets and probe them for weaknesses, gaining visibility that the targeted organization lacks. Defenders of cloud assets may have to adopt AI-driven monitoring and response tools just to keep up.An August 2023 CRA Business Intelligence survey of 200 IT and security managers in North America found that cloud adoption was widespread, with 43% of respondents saying that their organizations had moved at least half their workloads into the cloud. Forty-eight percent said they used three or more cloud providers. Only 1% said they didn't use the cloud at all.Respondents generally felt comfortable with the security of their cloud platforms, with 56% of respondents rating their confidence levels at 7 or more on a scale of 1 to 10. Two-thirds (66%) said they used the security services offered by their cloud platform providers. Despite that, 22% of Amazon Web Services and Microsoft Azure customers each said their platforms had been compromised in the previous 12 months.A sizeable fraction of survey respondents had doubts about their own abilities to manage, secure and gain visibility into their own cloud assets.One-quarter (25%) said they lacked the skills or expertise to properly secure the cloud, 14% said they didn't have the staff to manage the cloud, 13% said they lacked the required experience and 8% said they lacked visibility. Fifteen percent feared they wouldn't be able to handle adversarial attacks on their cloud assets, and 10% felt they needed more resources to manage the cloud."We're struggling to understand the complexity that the cloud can introduce and have trouble training and maintaining employees that can stay current with the latest cloud technologies," said one respondent.Such lack of confidence in organizations’ abilities to manage, track and protect cloud assets doesn’t bode well for compliance with the SEC’s new breach-notification rules. Publicly traded companies may have to devote more resources to improving cloud visibility and security, and to create new procedures and templates that would speed up incident reporting.
Paul Wagenseil is a custom content strategist for CyberRisk Alliance, leading creation of content developed from CRA research and aligned to the most critical topics of interest for the cybersecurity community. He previously held editor roles focused on the security market at Tom’s Guide, Laptop Magazine, TechNewsDaily.com and SecurityNewsDaily.com.