Quanta Computer Inc., JBS Foods, Johnson & Johnson, and the Colonial Pipeline were only a few of the entities exploited for their security vulnerabilities in 2021. Ransomware in its most malevolent form involves the exploitation of exfiltrated data in exchange for payment, leaving the ruination of some and critical disintegration of others in its wake. Predicted to inflict damages totaling $6 trillion USD globally in 2021 and $10.5 trillion annually by 2025, the level of sophistication and lucrative operation of ransomware cybercrime is compounding at a rate that’s never been seen before - and even more exponentially amidst the chaos of the COVID-19 pandemic and its disorienting effect on the healthcare industry.
Ransomware grew by 148% in 2020, with attempts to dislodge vital vaccine advancements accounting for the 15.5 billion cybersecurity incidents stated to affect Johnson and Johnson on a daily basis. In 2020 alone, the ransomware industry profited by more than 20 billion in attacks on the healthcare sector, spanning 600 hospitals and 92 official ransomware accounts.
“Pharmaceuticals, hospitals, healthcare, public companies, organizations that don’t have the talent and skills to defend themselves - they’re getting sucker-punched.” - Kevin Mandia
As organizations continue to transition into the cloud to adapt, scale and further remote work collaboration and business operations, improper cloud configuration - and the heightened possibility for data breaches - emerges as the biggest global threat to business.
Cloud Security Posture Management - What is it?
Cloud Security Posture Management targets failures at their root by focusing on an organization's cloud configuration. Previously known as Cloud Infrastructure Security Posture Assessment, CSPM was defined in response to the growing need of organizations to correctly configure public cloud IaaS and PaaS services and remediate cloud risk. CSPM uses automation to identify and remediate vulnerabilities within cloud infrastructures, and is known for its risk visualization and assessment, incident response, compliance monitoring, and DevOps integration enablement. Notably, CSPM is able to uniformly apply best practices for cloud security against hybrid, multi-cloud, and container environments.
Why do misconfigurations exist?
With the dynamic nature of cloud environments, the number of connected resources, and API-driven approaches to integration, misconfigurations are easy to make. Cloud-based services include many moving parts, and, when compounded by a lack of active observability, this lessens an organization's ability to discover and address configuration gaps.
Accidentally granting public access to storage buckets or containers within the cloud that are otherwise assigned individually to storage classes is a common misconfiguration with considerable risk. Like an unlocked house, storage buckets that are left open are susceptible to attack by anyone who discovers them.
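The check below is an added example, not code from the original post or from any CSPM product: it shows how an automated posture check can flag publicly reachable buckets from configuration data alone. The post names no provider, so the example assumes AWS S3's ACL, bucket policy and public access block field names; the `INVENTORY` record layout and all bucket names are constructed for illustration.

```python
import json
# Group URIs that S3 ACL grants use for "anyone" and "any AWS account".
PUBLIC_GROUPS = {"http://acs.amazonaws.com/groups/global/AllUsers",
                 "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"}

def is_wildcard(principal):
    """True when a policy Principal matches every caller."""
    aws = principal.get("AWS") if isinstance(principal, dict) else principal
    return aws == "*" or (isinstance(aws, list) and "*" in aws)

def public_findings(bucket):
    """Return the reasons a bucket is open to anyone (empty list if none)."""
    pab = bucket.get("PublicAccessBlock", {})
    findings = []
    # IgnorePublicAcls makes S3 disregard public grants already on the bucket.
    if not pab.get("IgnorePublicAcls"):
        for grant in bucket.get("Grants", []):
            if grant["Grantee"].get("URI") in PUBLIC_GROUPS:
                findings.append("acl:" + grant["Permission"])
    # RestrictPublicBuckets cuts off anonymous use of a public bucket policy.
    if not pab.get("RestrictPublicBuckets"):
        stmts = json.loads(bucket.get("Policy") or "{}").get("Statement", [])
        for s in [stmts] if isinstance(stmts, dict) else stmts:
            # Simplification: statements carrying a Condition are skipped.
            if (s.get("Effect") == "Allow" and "Condition" not in s
                    and is_wildcard(s.get("Principal"))):
                findings.append("policy:" + str(s.get("Action")))
    return findings

def scan(inventory):
    return {b["Name"]: f for b in inventory if (f := public_findings(b))}

# Constructed sample inventory; bucket names and the account id are made up.
OPEN_ACL = [{"Grantee": {"Type": "Group", "URI":
             "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"}]
OPEN_POLICY = json.dumps({"Statement": [{"Effect": "Allow", "Principal": "*",
                                         "Action": "s3:GetObject"}]})
INVENTORY = [
    {"Name": "example-logs", "Grants": OPEN_ACL},
    {"Name": "example-site", "Policy": OPEN_POLICY},
    {"Name": "example-backups", "Grants": OPEN_ACL, "Policy": OPEN_POLICY,
     "PublicAccessBlock": {"IgnorePublicAcls": True, "RestrictPublicBuckets": True}},
    {"Name": "example-private", "Policy": json.dumps({"Statement": {
        "Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
        "Action": "s3:GetObject"}})},
]

if __name__ == "__main__":
    print(scan(INVENTORY))
```

`example-backups` carries the same open ACL and policy as the two flagged buckets but is not reported, because its public access block settings neutralize both.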
What are CSPM’s Key Capabilities?
Automated detection and remediation
Ability to maintain an inventory of best practices for different cloud configurations and services
Configuration status mapping and connection to a security control framework or regulatory standard
Storage bucket monitoring, encryption, and account permissions for misconfigurations and compliance risks
With the scope of an organization's due diligence growing in breadth and complexity with every new cybercrime event, having a strong offensive stance that can detect and respond at the tempo necessary is a task that only Cloud Security Posture Management has proven to deliver.