Ermetic Cloud Security Predictions for 2022
Remote work, which is here to stay, has become the cloud’s killer app. Here are our five security predictions for the year ahead.
2021 was the year cloud migration accelerated to warp speed, fueled by COVID work-from-home mandates that swept across the world almost overnight. It is now clear that business will never go back to the way it was conducted before the pandemic. Remote work, here to stay, has become the cloud’s killer app. Therefore, it’s no surprise that we expect attackers to “go where the money is” and double down on targeting cloud infrastructures in 2022.
Without further ado, here are my five security predictions for the year ahead.
- Hackers will focus on new ways to breach the cloud and target weak links in supply chains as an entry point to compromise well-protected downstream assets. The SolarWinds incident was a harbinger of things to come.
Pro Tip: Reduce entitlements and privileges for all internal and external accounts with access to your cloud resources, including machine identities.
- Every organization will experience at least one cloud breach. Therefore, businesses should focus on reducing their attack surface and containing the size of the blast radius when an incident occurs.
Pro Tip: Invest in tools that provide visibility into cloud identities and their activity so that, following a breach, you have a clear picture of the potential damage and can respond quickly and communicate with stakeholders.
- Companies in the “build” stage of their cloud migration will suffer more breaches than those in the “optimize” phase, where they can focus on securing their infrastructure. Young companies that were “born in the cloud” have an advantage here since they understand that protecting their applications and data is their responsibility -- not the cloud provider’s.
Pro Tip: Plan and build security controls for identities, access and configurations into your cloud migration roadmap.
- Zero Trust initiatives will accelerate despite the fact that the term will begin to lose its luster due to overuse. Even without a catchy buzzword, enforcing continuous security policies on “who can access your resources and data” is the most important principle for securing cloud infrastructures.
Pro Tip: To enforce Zero Trust and least privilege in the cloud, you need to manage network policy, identity and access permissions, and resource configurations. Invest in technologies that provide comprehensive visibility into all three.
- Machine and service identities will emerge as cloud security’s Achilles heel. As more and more organizations improve the security of their human identities with multi-factor authentication (MFA) and single sign-on (SSO), attackers will target machine identities. These identities and their permissions are already being exploited in virtually every cloud breach to move laterally or access data.
Pro Tip: Since machine and service identities are typically created by developers, they have been outside the purview of security teams. This has to change. In light of the current shortage of qualified security experts, consider software that can be a force multiplier for your security organization by identifying, prioritizing and automating the remediation of risk associated with machine identities and their entitlements.