Over the last year, we have seen a rapid increase in the number of cyberattacks on cloud environments, with breaches having potentially disastrous consequences. The rise has even led to CISA releasing guidance and legislation on how to improve cloud security.

However, the issue of securing cloud environments does not have to be as complex as it is sometimes made out to be. Far too many breaches result from organizations relaxing their security settings on cloud resources or simple cloud misconfigurations. Therefore, what extra security checks and training should organizations be implementing to reduce the risk of breach?

Gadi Naor, VP of Software Engineering, Cloud Security at Rapid7 joins me today on Tech Talks Daily to discuss why cloud security does not need to be such a complex problem as once thought. In addition, we discuss which sectors are most vulnerable to cloud misconfigurations and how data breaches in the cloud can result in further attacks, for example, social engineering attacks.

We also talk about how organizations have helped contribute to the rise in attacks, including relaxing security settings and deploying unencrypted instances on the cloud. Finally, discuss what organizations can do to ensure that cloud misconfigurations are resolved.