A recent report by IBM revealed that two-third of cloud security incidents could have been avoided if apps, databases, and security policies were configurated correctly.
Indeed, these security breaches could have easily been prevented with more prevention and properly implemented security policies. Issues with credentials and policies were also found out, including improperly configured assets, password spraying, and pivoting from on-premises infrastructure.
Besides, the report showed that threat actors were taking advantage of lax security in cloud environments through API configuration, security issues, remote exploitation, and accessing confidential data. Recent attacks were also classified under shadow IT, which includes apps and services that are not managed or monitored by central IT teams.
It was also revealed that vulnerabilities impacting cloud applications have increased, with close to half of over 2,500 reported bugs being found in the past 18 months.