The 2022 Check Point Cloud Security Report found that 27 percent of organizations experienced a security incident in their public cloud infrastructure in the past year.

Cloud computing is one of the most widely used enterprise IT innovations in decades. According to Flexera’s 2021 “State of the Cloud” report, 99 percent of organizations report using at least one public or private cloud offering.

Businesses often switch to cloud computing because it offers advantages over traditional on-premises IT. However, despite—or perhaps because of—the success of the cloud, companies who use it have their own cloud security risks to worry about. Chief Information Security Officers (Certified CISOs) need to be vigilant about managing cloud security risks to protect their IT infrastructure and sensitive data.

This article will discuss some of the major cloud security issues, as well as how Certified CISOs can help improve cloud security within their organization.

A Certified CISO’s Major Challenges with Cloud Security

A Certified CISO is the organization’s chief security officer when it comes to protecting the integrity of the organization’s information technology. With many businesses heavily reliant on cloud technologies, cloud security issues should be a significant concern for chief information security officers. This section will review 4 of the most significant cloud security risks that Certified CISOs need to know.

1. Data breaches

Data breaches are as much a risk in the cloud as they are on-premises and can lead to devastating or irreversible damage to a company’s finances and reputation. One well-known example is the 2019 Capital One cloud data breach, which occurred due to a cloud firewall vulnerability and led to the theft of more than 100 million customers’ personal information. Both the customer and the cloud service provider (CSP) are responsible for patching security vulnerabilities that can lead to the exposure of sensitive or confidential information.

2. Misconfiguration errors

Many organizations believe that the public cloud is safer than on-premises IT since the cloud provider assumes responsibility for security issues. However, if companies leave their cloud infrastructure misconfigured, this can leave the door open for attackers. One major issue is access controls that need to be more generous, giving users more responsibilities than they need. This can make it easier for malicious actors to spread themselves throughout the cloud infrastructure once they have gained entry.

3. Weak identity and access management

Many cybersecurity incidents occur due to problems with identity and access management (IAM) problems, i.e., verifying cloud users’ credentials. The issues with IAM in the cloud may include the following:

• Weak passwords and other credentials or the inability to protect them from attackers
• Lack of two-factor or multi-factor authentication (MFA)
• Failure to rotate passwords, certificates, and cryptographic keys regularly.
• “Zombie accounts” that still retain access to cloud services when the user has left the organization

4. Multi-cloud complications

According to the Flexera report, 92 percent of companies have adopted a multi-cloud strategy, i.e., using two or more cloud providers simultaneously. The more providers there are present in the cloud environment, however, the harder it becomes to successfully monitor and manage this more extensive and more complex attack surface. Also, organizations have to ensure that every cloud provider meets their stringent security requirements. Many organizations suffer from the lack of a comprehensive, overarching multi-cloud strategy, leaving Certified CISOs to play “whack-a-mole” and deal with problems as they crop up.

How Certified CISOs Can Help Improve Cloud Security

The good news is that despite the cloud security challenges and risks, chief information security officers can still improve cloud security within their organization. This section will suggest various approaches a Certified CISO can take to tackle the escalating crisis in the cloud.

1. Data breaches

While data breaches have become an all-too-common occurrence, the following tactics can help prevent or limit their damage in a cloud environment:

• Taking stock of data: Certified CISOs should understand the data assets that their organization possesses, as well as the value of each asset and the damage that it would cause if it were leaked.
• Encryption: Confidential data should be protected by encryption in transit and while at rest. Industry-specific regulations such as HIPAA and PCI DSS may place additional requirements on handling sensitive information.
• Information security management system (ISMS): Certified CISOs should develop an information security management system (ISMS): a framework of IT security policies and procedures that defines how to manage an organization’s sensitive data.

2. Misconfiguration errors

Insecure data storage, too generous permissions, and default credentials are just a few causes of misconfiguration issues. Businesses can detect misconfiguration errors and other vulnerabilities in their cloud infrastructure through penetration testing, i.e., simulating cyberattacks on an IT environment to detect any flaws that need to be patched. Organizations must also proactively develop and test a robust incident response plan that governs how to respond and recover in the wake of an attack to limit the damage and restore normal business operations.

3. Weak identity and access management

Users of cloud services must select solid and complex passwords that dramatically lower the chances of an attacker breaking into their account. Enabling multi-factor authentication and training employees to recognize phishing attacks intended to bypass MFA can help reduce this risk. Organizations may also explore using alternative credentials, such as keys and tokens, that further strengthen account security.

4. Multi-cloud complications

Multi-cloud environments present additional challenges in visibility, security, and governance, but these difficulties are manageable. Centralized cloud monitoring and management tools can provide CISOs with the visibility and insights they need into the entire cloud environment within a single pane of glass. In addition, Certified CISOs must take the time to understand how each resource in their multi-cloud environment is used in terms of customer personas and workload so that they can apply the proper security controls to each one.

How the Certified CISO Program Can Help Improve Cloud Security

While cloud computing presents its security challenges and risks, C-Suite executives can become more well-versed in cloud security issues to protect the integrity and confidentiality of their data and IT assets.

EC-Council’s Certified CISO (Certified Chief Information Security Officer) program was curated for current and aspiring Certified CISOs. The CCISO certification provides theoretical and practical training in all five domains of information security management, from governance to strategic planning. As businesses rapidly move to the cloud for smooth operations, current and aspiring C-Suite executives and information security leaders can leverage the Certified CISO curriculum to learn how to redesign cloud security strategies and chalk novel approaches to handle multi-cloud domains, cloud governance, compliance, etc.

Ready to start down the path to your role as a CISO? Learn more about EC-Council’s CCISO certification and how it can enhance your career.

References

Flexera 2021 State of the Cloud Report. (2021). https://lp.tufin.com/rs/769-ICF-145/images/report-cm-state-of-the-cloud-2021.pdf

The Biggest Cloud Security Challenges in 2022 – Check Point Software. (2022). https://www.checkpoint.com/cyber-hub/cloud-security/what-is-cloud-security/the-biggest-cloud-security-challenges-in-2022/

Lessons learned: the Capital One breach. (2019). https://resources.infosecinstitute.com/topic/lessons-learned-the-capital-one-breach/