4 Common Cloud Vulnerabilities that Lead to Data Breach

From our Partners
3 Min read

Moving to the cloud is all about agility and speed. But this agility and flexibility frequently come at the expense of security, leaving organizations, customers, and their data at risk. Moreover, as more and more organizations adopt multi-cloud and hybrid cloud strategies, this is adding additional challenges and threat vectors to increasingly complex environments.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

Here are 4 common cloud vulnerabilities which frequently lead to data breach:

Public Exposure

It’s the oldest mistake in the book: spinning-up a new cloud resource but leaving it publicly accessible and completely unsecured. Hackers nowadays routinely employ automated tools which scan target networks for any exposed assets, meaning that your unsecured public assets are virtually guaranteed to be discovered.

According to Gartner, by 2021, over 50% of enterprises will unknowingly and mistakenly have some IaaS storage devices, networks, applications or APIs directly exposed to the public internet, up from 25% in 2018.

Excessive Permissions

One of the major benefits of moving to the cloud is that it enables fast business operations. However, in the name of expediency, access credentials are frequently handed out in hasty and unnecessary manner, so that many users end up with excessive permissions for which they have no business need. The problem is that should any of those credentials fall into the wrong hands, attackers will have far-reaching access to sensitive data.

According to Gartner, by 2023, 75% of security failures will result from inadequate management of login credentials, identities and privileges, up from 50% in 2020.

Too Many Alerts

This may sound counterintuitive. After all, detection of suspicious activities is a good thing, right? Well, it depends. Are those alerts helping you detect malicious activities, or are they drowning you in noise?

According to study by IT security firm Bricata, the average SOC receives over 10,000 alerts each day. This is a massive figure, which no human (or team of humans) can realistically deal with. It means security managers must sift through a sea of excessive alerts and false positives to find the really important alerts which are indicative of actually malicious activity.

Insufficient Context

Everybody talks about ‘context’ but what does it actually mean? One of the key challenges in security is that looking at any single alert doesn’t actually tell you very much. Is that login in the middle of the night a hacker, or an admin working late? Is that first time API invocation an act of reconnaissance, or a DevOps engineer going about their business? Is that access to a sensitive storage bucket a new feature being released, or the last step in a data breach? Practically every user activity can be either legitimate or not, and looking at just that activity tells you almost nothing.

What you need, instead, is to be able to intelligently correlate events across multiple threat surfaces, application layers, and time span, to be able to connect event A to event B to event C – even if they are months apart – and see when you are under attack and to block it in time.


The cloud is not “more” or “less” secure; it’s different. This means you need defenses which are specifically adapted to the cloud, and to the unique threats you face there.

Although the list of vulnerabilities is almost endless, working to remediate these four common cloud vulnerabilities will help you a long way in making your cloud environment more secure.

Latest Articles

A CISO’s Essential Guide to API Security

Learn how to reduce the business risk of API attacks – and maximize the value of digital innovation.  APIs are the entry point to your organization’s most critical data and services. Their protection is crucial to reduce risks, maximize program value, and generate growth. In this guide, we take a close look at the special […]

15th September, 2022
How to Mitigate the Top 11 API Security Risks

What is an API? API is an acronym for an application programming interface. It is a set of rules that allow software programs to communicate. In the business world, APIs are important because they allow companies to share data and functions. It allows businesses to automate tasks and improve communication between departments.  API also allows […]

Shalom Carmel CIO @ GlobalDots
6th February, 2022
Top Strategies for API Security

The explosion of consumer mobile adoption, digitization of goods and services, and an increase in data generation have driven a change in the way Internet-based businesses are built and consumed. The digital economy has prompted online organizations to facilitate the creation and exchange of information to new channels, partners, and developers with the goal of […]

Nesh (Steven Puddephatt) Senior Solutions Engineer @ GlobalDots
8th April, 2021

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

Unlock Your Cloud Potential