4 Considerations for a Secure Cloud Environment

5 years ago Paul Norris

Digital attackers are increasingly turning their attention to the cloud. According to the 2020 Trustwave Global Security Report, the volume of attacks targeting cloud services more than doubled, from 7% in 2018 to 20% a year later. This growth made cloud services the third most-targeted environment after corporate and e-commerce at 54% and 22%, respectively.

These trends highlight the need for organizations to secure their cloud environments. Provided below are some things they should keep in mind along the way.

CSPs – Configurations and More

First, it’s important to point out that organizations are constantly shifting in their preferences for Cloud Service Providers (CSPs). A large majority of customers currently have AWS or Microsoft Azure. However, some customers have a hybrid of both AWS and Azure, and we are even starting to see a few customers adopt Google Cloud Platform (GCP). This points to an important realization: organisations need to multi-skill their employees to support these vastly different cloud platforms as they continue to undergo their digital transformations.

Fostering skills across multiple CSPs is an important matter of security. Oftentimes, we see single-skilled workers try to adopt security on CSPs that they are not familiar with. Such unfamiliarity could produce a misconfiguration that could enable attackers to access an organization’s sensitive information.

Traditionally, those misconfiguration events involved storage silos like Buckets, Blobs, etc. A number of customers had misconfigured storage that faced the public a while back. That’s what the malicious hackers look for – potential intellectual property or customer information in an insecure bucket. However, CSPs are now providing these services at a secure (private) state by default, so you would have to change it to a public-facing state deliberately going forward.

That raises an important question: should you adopt the default security configuration for your CSP in an attempt to avoid a misconfiguration incident?

I think caution is in order here. Some of the default settings CSPs provide may not be a requirement for your environment, so perhaps disable them. I’d also check all my settings against a hardening standard. At the end of the day, cloud service providers provide you a platform and the tools to manage that platform. It’s not their responsibility to secure your environment. It’s yours.

Therefore, you need to be confident that the settings in your CSP are set the way you need them. Sure, the defaults may be a good place to start, but I would personally check them all. At the end of the day, it won’t be the cloud service provider that will be on the news at 10, after all.

It’s a Process

2020 has been a very challenging year for many, not to mention organisations who need to ensure the lights remain on in a safe and secure manner. This means giving employees access to critical systems from remote locations. We have seen the adoption of additional perimeter hardware to cope with the demand and jump servers put in place to access secure restricted systems. But to date, we haven’t seen many organisations move to the cloud.

Let’s be clear on a few things, though. Moving services to the cloud is not something that can or should be done overnight. It should normally take months of planning to ensure the right systems are running and to carry out the migration to the cloud. Take Office 365, which essentially can lift your whole AD management capabilities to the cloud. As we become more dependent on Software as a Service solutions and Infrastructure as a Service, there will be less demand for systems being accessed via remote VPNs.

Align to Cloud Hardening Standards

Fortunately, organizations can choose from a variety of standards to harden their cloud environments against attack. The Center for Internet Security (CIS) has a very mature set of standards and guidelines for multiple cloud providers as well as operating systems and applications, for instance. However, there are other standards out there, such as those from the National Institute of Standards and Technology (NIST), that also cover hardening cloud environments.

In my opinion, though, there are a lot of overlapping controls in all the standards. As long as at least one standard is adhered to, it will help reduce the attack surface.

Automate, Automate, Automate

Over the years, automation in many areas of security has been increasing to meet the demand of so many systems generating alerts, discovering vulnerabilities, churning out logs, etc. Automation now extends to compliance. Solutions like Tripwire Enterprise can automate the process of checking multiple tests against many endpoints to show compliance across the estate. If you can use these solutions to continuously monitor systems for deviations from a specific standard, then you will be able to react quicker to potential security issues before a breach can occur.

So many organisations discover security breaches when the breach occurs and not before, so it’s time to get ahead of these breaches and help prevent them from happening in the first place. Malicious hackers use automated tools to continuously sweep and scan CSPs for misconfigured systems, which we have learnt can be easily achieved. So, if we started to use similar tools to ensure those holes are not there in the first place for the hacker to discover, then I’m up for that. Automation is a thing now. It’s time for organizations to embrace it.
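An added example, not from the original article and not Tripwire's code: a small baseline check over storage configuration snapshots from AWS, Azure and GCP that reports every setting deviating from a private-by-default baseline, and which findings appeared between two scans. The snapshots, resource names and rule set are constructed for illustration; the setting names are the providers' own public-access controls.

```python
import copy

# Illustrative baseline (not CIS or NIST text): provider -> (dotted path, required value).
BASELINE = {
    "aws": [("PublicAccessBlockConfiguration." + k, True) for k in
            ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")],
    "azure": [("properties.allowBlobPublicAccess", False)],
    "gcp": [("iamConfiguration.publicAccessPrevention", "enforced")],
}

def lookup(config, path):
    """Walk a dotted path; None means the setting is absent from the snapshot."""
    for key in path.split("."):
        if not isinstance(config, dict) or key not in config:
            return None
        config = config[key]
    return config

def audit(resources):
    """Return {(name, setting, actual)} for every deviation from BASELINE.
    An absent setting is a finding: absence does not prove a safe default."""
    findings = set()
    for res in resources:
        for path, required in BASELINE[res["provider"]]:
            actual = lookup(res["config"], path)
            if actual != required:
                findings.add((res["name"], path, actual))
    return findings

def drift(previous_scan, current_scan):
    """Findings that appeared since the previous scan, sorted for stable reporting."""
    return sorted(audit(current_scan) - audit(previous_scan), key=lambda f: f[:2])

# Constructed snapshots (hypothetical resource names), one per provider.
MONDAY = [
    {"provider": "aws", "name": "invoices", "config": {"PublicAccessBlockConfiguration": {
        "BlockPublicAcls": True, "IgnorePublicAcls": True,
        "BlockPublicPolicy": True, "RestrictPublicBuckets": True}}},
    {"provider": "azure", "name": "hrdocs", "config": {"properties": {"allowBlobPublicAccess": False}}},
    {"provider": "gcp", "name": "ml-data", "config": {"iamConfiguration": {"publicAccessPrevention": "inherited"}}},
]
# Tuesday: two settings were changed by hand (one relaxed, one removed).
TUESDAY = copy.deepcopy(MONDAY)
TUESDAY[0]["config"]["PublicAccessBlockConfiguration"]["BlockPublicPolicy"] = False
del TUESDAY[1]["config"]["properties"]["allowBlobPublicAccess"]

if __name__ == "__main__":
    print("standing findings:", sorted(audit(MONDAY)))
    for name, setting, actual in drift(MONDAY, TUESDAY):
        print(f"DRIFT {name}: {setting} is now {actual!r}")
```

Run on a schedule against fresh exports, the `drift` output is the part worth alerting on, while `audit` gives the standing backlog to work through.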

Where Tripwire Fits In

Tripwire’s cloud cybersecurity solutions help organizations to automatically manage and enforce the configurations of their AWS, Azure and GCP accounts. They also help them to monitor and manage vulnerabilities across their cloud assets as well as maintain consistent security controls as cloud assets spin up and wind down.

The post “4 Considerations for a Secure Cloud Environment” appeared first on TripWire.

Source: TripWire – Paul Norris
