Alert Logic 2014 Cloud Security Report

The research is in – Cloud adoption continues to grow and with it, attacks are following – What this year’s Cloud Security Report tells us….

The cloud is here to stay. The scalability and capacity-on-demand that the cloud delivers support a business’s need to be agile. The ability to more effectively manage costs makes the finance team happy. IT teams don’t have to worry about installing and maintaining hardware in data centers that don’t have enough space, power or cooling. The analysts tracking the cloud are predicting strong growth too:

  • IDC Forecasts Worldwide Public IT Cloud Services Spending to Reach Nearly $108 Billion by 2017 as Focus Shifts from Savings to Innovation
  • Gartner Says Cloud Computing Will Become the Bulk of New IT Spend by 2016

At Alert Logic, we’ve been “cloud believers” for a long time. To believe in the cloud though, we think it’s critical to understand what’s happening in the cloud. And from our perspective, that means understanding cloud security. Fortunately, we’re in a great position to understand how security in the cloud is the same as, and how it’s different from, security in your on-premises datacenter. Using data from the thousands of customers who use our security solutions, we’re constantly collecting and analyzing security threats. And once or twice a year since 2011, we package up our research in a Cloud Security Report to share with anyone who’s interested. You can download the full report from our website.

The following are a few highlights:

The Data Set: Our research is based on more than 2,200 cloud and on-prem organizations based primarily in North America and Western Europe. Over a 6-month period, our correlation engine analyzed more than 1 billion events that produced 232,364 verified security incidents that our Security Operations Center (SOC) analyzed.


Key Findings: 2014 Cloud Security Report

  • On-prem attacks are moving to the cloud – Attacks that were historically aimed at on-prem environments are now targeting cloud environments. We expect that a big driver for this is that businesses are starting to deploy traditional enterprise applications like ERP and virtual desktop infrastructure (VDI) in the cloud. The bad guys, seeing this happen, are running vulnerability scans and brute force attacks in hopes of finding and taking advantage of lax security policies in the cloud. And as more end user applications move to the cloud, we’re seeing malware and botnet attacks move with them.
  • Threat diversity in the cloud is on the rise – Threat diversity is basically a measurement of how many different types of attacks each customer faces. This year, we saw threat diversity in the cloud increase to rival that of on-premises data centers. So you can’t prepare for just one or two types of attacks in the cloud. You need the same security sophistication (coverage) in the cloud that you’d apply to protect an enterprise on-prem data center.
  • Point solutions are not enough – As a new data source for this report, we deployed honeypots in major public clouds around the world to observe new patterns of attacks and emerging threats. One interesting (and scary) observation was that 14% of the malware collected was considered undetectable by 51 of the world’s top anti-virus vendors. In the cloud, as on-prem, defense in depth is needed.

So where does this leave you? Should you stop using the cloud? Nope, see the beginning of this article – there are just way too many advantages to using the cloud. Should you move all your legacy security to the cloud? You can’t, sorry – cloud architectures require cloud-aware security solutions and customized analytics and threat intelligence. However, there is much you can do to protect yourself in the cloud. Get educated on what your business and applications require from a compliance and security posture. Map that to the cloud platforms that make the most sense and are most transparent and mature in their security offerings. Implement the right coverage of products, security threat intelligence, analytics/correlation, and people to watch over your business-critical applications and data 24 x 7. Read the 2014 Cloud Security Report and let us know what you think.