Cloud Expansion Backfired For Security As Cyberattacks Increase

( The possibility of Russia launching cyber attacks to retaliate against Western sanctions is a significant concern, and businesses, especially in the United States, Canada, and Western Europe, are preparing for potential cyber-attacks by Russian hackers.

A major cyber security firm warns that most companies do not address the most vulnerable element of the “modern cyber-attack surface.”

Most business security upgrades are focused on physical infrastructures, like PCs, smartphones, routers, and other devices. But it’s the cloud that is most endangered. According to a recently published study by JupiterOne, most organizations’ assets and security susceptibilities are not in the hardware but cyberspace.
JupiterOne’s study, the 2022 State of Cyber Assets Report, examined 372 million data points at nearly 1,300 organizations to assess their cloud security. The modern cyber attack surface of these companies is the soft underbelly, and most organizations lack preparedness. Up to 90 percent of all information technology assets are now cloud-based. In addition, 97 percent of a company’s potential security risk was in cloud assets.
Physical devices represent less than 10 percent of total devices within organizations yet, get the bulk of attention in cyber security upgrades. Focusing on hardware is not modern thinking.
Shifts toward modern information architecture have significantly impacted security teams, who are overworked, understaffed, underskilled.
For the first time in history, asset inventories are not necessarily deployed by humans. This new landscape demands automated approaches to address “surface management.”
The pandemic saw a substantial increase in cloud-based work products because of the surge in working from home or other remote locations “off-site.”
Unfortunately, the rapid change in the workforce culture also caused new entry points for cyber-criminals.
JupiterOne’s research warns business leaders and security professionals to take a closer look at asset security and better understand the vulnerabilities an assault would have on their expanded attack surface.
There was very little data to explain to “non-technical executives” how the rapid expansion of cloud-based information storage has generated so many avenues to attack.
The potential for a Russian cyber-attack is real, and they are most likely not using the past techniques to rob you; they are coming for you in ways you are not even thinking about just yet.