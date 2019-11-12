Infosecurity Group Websites

Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more
Latest
News

Most Security Pros Still Don’t Get Shared Responsibility: Report

Some 60% of global security professionals misunderstand the concept of “shared responsibility” in the cloud, potentially putting their organizations at risk, according to Centrify.

The identity and access management (IAM) vendor polled 700 cybersecurity pros to compile its new report, Reducing Risk in Cloud Migrations: Controlling Privileged Access to Hybrid and Multi-Cloud Environments.

It found that nearly two-thirds of respondents incorrectly believe that their cloud provider is responsible for securing privileged access. In fact, under the shared responsibility model espoused by Amazon Web Services, Microsoft Azure and others, the provider is only responsible for the infrastructure of the cloud itself — the hardware, software, networking and other functions.

Customers are responsible for security “in” the cloud, which includes customer data, apps, operating systems and network and firewall configurations.

The report also revealed that many organizations aren’t deploying a common security model or enforcing least privilege access, according to best practices.

What’s more, three-quarters (76%) are using more than one identity directory to manage cloud users, which Centrify claimed puts them at risk of “identity sprawl” and potential security gaps.

“As the enterprise threat-scape expands, organizations are faced with new challenges to secure modern attack surfaces, and this report makes it clear that the cloud is no exception,” said Tim Steinkopf, Centrify CEO.

“We know that 80% of data breaches involve privileged access abuse, so it’s critical that organizations understand what they are responsible for when it comes to cloud security, and take a least privilege approach to controlling privileged access to cloud environments. Too much access and privilege puts their workloads and data at risk.”

Some 60% of respondents said that security is their number one challenge when it comes to cloud migration projects. This is slightly at odds with a Nominet study from September that revealed CISOs believe the cloud to be as safe as on-premises infrastructure.

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

Hoster SmarterASP.NET Taken Down by Ransomware

2
News

Accenture Opens Cyber Ranges

3
News

Amazon Doorbell Camera Lets Hackers Access Household Network

4
News

Don't Fall for the WhatsApp Gold Scam

5
News

Two New Carding Bots Threaten E-Commerce Sites

6
News

Surveillance Fears as Russia Proposes New App Law

1
News

Microsoft to Extend California Privacy Law US-Wide

2
Interview

Interview: Jay Coley, Technical Director, Trend Micro

3
News

UK Labour Party Hit By “Sophisticated” and “Large-Scale” Cyber-Attack

4
News

Just a Third of Global Firms Are PCI DSS Compliant

5
News

Most Security Pros Still Don’t Get Shared Responsibility: Report

6
Opinion

Securing Backups in an Automated Data Protection System

1
Webinar

How Segmentation Leads to Visibility and Enables Compliance

2
Webinar

Are You At Risk? Know Your Cybersecurity Posture With Security Ratings

3
Webinar

The Insider's Motive: Defending Against the 7 Most Common Insider Threats

4
Webinar

Mobile Access: Best Practices for a Modern Security Approach

5
Webinar

Identifying and Defending Against Advanced and Automated Attacks

6
Webinar

The Persistence of Ransomware, New Variants & Better Tactics to Defend & Defeat

1
Blog

Security by Sector: How Smartphone Biometric Risks Threaten the Banking Industry

2
News Feature

Top Ten: Things Learned From the 2019 (ISC)2 Workforce Study

3
Blog

Paving the Way for an Even More Remarkable Decade in Information Security

4
Next-Gen

Is the Next Generation Ready to Deal With Malware?

5
News

PayPal Tops List of Most Imitated Brands

6
Webinar

The Persistence of Ransomware, New Variants & Better Tactics to Defend & Defeat