Cloud computing main risks in 2023 and what to expect in 2024.

Itsik Ohana, Cloud & Security Architect

September 1, 2024

Cloud migration is the process of moving digital assets — like data, applications, or IT resources — from on-premises infrastructure to cloud environments, or from one cloud service to another. This shift enables businesses to leverage the benefits of cloud computing, including scalability, cost-efficiency, and access to advanced cloud technologies. It requires careful planning, execution, and management to ensure data integrity, security, and minimal disruption to services. 

In 2023, the five most common and severe cloud security risks were identified as:

  1. Unpatched exposed web services: These are services that are exposed to the internet and have not been updated with the latest security patches, making them vulnerable to attacks.
  2. Sensitive information in Git repositories: This refers to the risk of sensitive data being accidentally committed and pushed to public Git repositories.
  3. Unsecure sensitive AWS keys: AWS keys that are not properly secured can provide attackers with unauthorized access to cloud resources.
  4. Overprivileged IAM roles: IAM roles with more permissions than necessary can lead to unauthorized actions if they are compromised.
  5. Overprivileged AWS Lambda functions: Like IAM roles, AWS Lambda functions with excessive permissions can pose a security risk.

These risks were widespread in organizations of all sizes, even those with a high maturity level in terms of cloud security. It’s important to note that addressing these risks often involves focusing on security basics such as patching vulnerable services, enforcing policies that adhere to the Principle of Least Privilege (PoLP), and prioritizing alerts with guided and automated remediation.

In 2024, the cloud security landscape is expected to evolve in several ways:

  1. IAM Hacks: The attacks against platforms like Okta underscore the complexities of identity and access management (IAM) in a cloud-dominated era.
  2. Persistent Threats and Repeat Attacks on Tokens: Cybercriminals are expected to continue targeting cloud infrastructure, including newer technologies such as container-based and serverless resources.
  3. Adaptation by Attackers: As organizations adopt a cloud-first approach, attackers are expected to adapt their strategies accordingly.
  4. Cyber Skills Gap: The gap in cybersecurity skills is expected to persist, which could impact the ability of organizations to adequately protect their cloud environments.
  5. Misconfiguration of Cloud Services: Misconfiguration of cloud services is expected to remain a critical threat.
  6. Increased Sophistication of Cyberattacks: Businesses will continue mass migrating to cloud platforms, and cybercriminals will follow.

These predictions underscore the importance of maintaining robust security practices, including regular patching, enforcing least privilege access, and investing in security awareness training.

MedOne’s cloud infrastructure is built on hardware and software from the world’s leading and most secure manufacturers, and it keeps the services exposed to the Internet to the minimum possible in order to maintain a maximum level of information security.