Header image

Cloud Misconfigurations Include Over-Exposed and Privileged Access

Three-quarters also have publicly exposed storage assets.

More than a third of businesses are leaving themselves exposed due to having publicly exposed, critically vulnerable and highly privileged cloud workloads.

According to research by Tenable, 38 percent of these businesses have these misalignments, each of which introduces risk to cloud data, but the combination of all three drastically elevates the likelihood of exposure access by cyber attackers.

The report also found that 84 percent of organisations possess unused or longstanding access keys with critical or high severity excessive permissions. Also 74 percent of organisations have publicly exposed storage assets, including those in which sensitive data resides.

Shai Morag, chief product officer, Tenable, said: “It’s not always about bad actors launching novel attacks. In many instances, misconfigurations and over-privileged access represent the highest risk for cloud data exposures. The good news is, many of these security gaps can be closed easily once they are known and exposed.”

Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Upcoming Events

No events found.