As companies work to protect their cloud environments, they need to know which types of attacks are most likely to hit.
"Cloud has been around for years, but cloud security has only within the past year or so become a formal discipline," says Matthew Chiodi, vice president of cloud security at RedLock. And as the cloud evolves, attackers are finding new, advanced ways to break into enterprise environments.
Public cloud security incidents often stem from a poor understanding of the shared responsibility model, which governs how cloud users and providers both shoulder the burden of security, Chiodi says.
"Many of the threats we talk about are the result of organizations not understanding the threat model of the public cloud," he explains. Customers struggle to use security tools in the public cloud, and legacy enterprise tools don't work in the dynamic nature of cloud environments.
Several types of threats are taking aim at the cloud, says Manuel Nedbal, CTO at ShieldX. "We see most of the attacks are either orchestration or cross-cloud attacks, or data center attacks," he says, attributing the overall rise of these incidents to the rise in cloud adoption.
Here, the two cloud security pros point to different types of cyberattacks and explain how they affect cloud environments.
Black Hat Europe returns to London Dec 3-6 2018 with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the conference and to register.