Sign up to save your podcasts
Or
Share The Cloud Is Under Attack. How Do You Secure It?
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Cloud Is Under Attack. How Do You Secure It?
Building and deploying applications in the cloud offers significant advantages, primarily driven by the scalability it provides. Developers appreciate the speed and ease with which cloud-based infrastructure can be set up, allowing them to scale rapidly as long as they have the necessary resources. However, the very scale that makes cloud computing attractive also poses serious risks.
The risk lies in the potential for developers to make mistakes in application building, which can lead to widespread consequences when deployed at scale. Cloud-focused attacks have seen a significant increase, tripling from 2021 to 2022, as reported in the Cloud Risk Report by Crowdstrike.
The challenges in securing the cloud are exacerbated by its relative novelty, with organizations still learning about its intricacies. The newer generation of adversaries is adept at exploiting cloud weaknesses and finding ways to attack multiple systems simultaneously. Cultural issues within organizations, such as the tension between security professionals and developers, can further complicate cloud protection.
To safeguard cloud infrastructure, best practices include adopting the principle of least privilege, regularly evaluating access rights, and avoiding hard-coding credentials. Ongoing hygiene and assessments are crucial in ensuring that access levels are appropriate and minimizing risks of cloud-focused attacks.
Overall, understanding and addressing the risks associated with cloud deployments are vital as cloud-native adversaries grow increasingly sophisticated. Implementing proper security measures, along with staying up-to-date on runtime security and avoiding misconfigurations, are essential in safeguarding cloud-based applications and data.
Elia Zaitsev of CrowdStrike joined TNS host Heather Joslyn for this conversation on the heels of the release of their Cloud Risk Report.
Learn more from The New Stack about cloud security and CrowdStrike:
Cloud-Focused Attacks Growing More Frequent, More Brazen
5 Best Practices for DevSecOps Teams to Ensure Compliance
What Is DevSecOps?
View all episodes
By The New Stack
4.3
3131 ratings
Building and deploying applications in the cloud offers significant advantages, primarily driven by the scalability it provides. Developers appreciate the speed and ease with which cloud-based infrastructure can be set up, allowing them to scale rapidly as long as they have the necessary resources. However, the very scale that makes cloud computing attractive also poses serious risks.
The risk lies in the potential for developers to make mistakes in application building, which can lead to widespread consequences when deployed at scale. Cloud-focused attacks have seen a significant increase, tripling from 2021 to 2022, as reported in the Cloud Risk Report by Crowdstrike.
The challenges in securing the cloud are exacerbated by its relative novelty, with organizations still learning about its intricacies. The newer generation of adversaries is adept at exploiting cloud weaknesses and finding ways to attack multiple systems simultaneously. Cultural issues within organizations, such as the tension between security professionals and developers, can further complicate cloud protection.
To safeguard cloud infrastructure, best practices include adopting the principle of least privilege, regularly evaluating access rights, and avoiding hard-coding credentials. Ongoing hygiene and assessments are crucial in ensuring that access levels are appropriate and minimizing risks of cloud-focused attacks.
Overall, understanding and addressing the risks associated with cloud deployments are vital as cloud-native adversaries grow increasingly sophisticated. Implementing proper security measures, along with staying up-to-date on runtime security and avoiding misconfigurations, are essential in safeguarding cloud-based applications and data.
Elia Zaitsev of CrowdStrike joined TNS host Heather Joslyn for this conversation on the heels of the release of their Cloud Risk Report.
Learn more from The New Stack about cloud security and CrowdStrike:
Cloud-Focused Attacks Growing More Frequent, More Brazen
5 Best Practices for DevSecOps Teams to Ensure Compliance
What Is DevSecOps?
More shows like The New Stack Podcast
View all
Hanselminutes with Scott Hanselman
377 Listeners
Software Engineering Radio - the podcast for professional software developers
265 Listeners
The Changelog: Software Development, Open Source
285 Listeners
The Cloudcast
153 Listeners
Thoughtworks Technology Podcast
40 Listeners
The New Stack Analysts
9 Listeners
Talk Python To Me
586 Listeners
Software Engineering Daily
629 Listeners
The New Stack @ Scale
3 Listeners
The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence)
436 Listeners
The New Stack Context
4 Listeners
AWS Podcast
200 Listeners
Kubernetes Podcast from Google
180 Listeners
Practical AI
189 Listeners
The Stack Overflow Podcast
63 Listeners
Oxide and Friends
47 Listeners
Latent Space: The AI Engineer Podcast
63 Listeners
The Pragmatic Engineer
52 Listeners