"Cloud to Blame for Almost all Security Vulnerabilities"

According to security researchers at Palo Alto Networks' Unit 42, four out of five (80.3%) security vulnerabilities observed in organizations across all sectors come from a cloud environment.  In a newly published report, the researchers outlined the most common cloud security flaws, of which 60% come from web framework takeover (22.8%), remote access services (20.1%), and IT security and networking infrastructure (17.1%).  The researchers noted that constant changes in cloud offerings significantly impact the end-users' exposure.  The researchers found that over 45% of most organizations' high-risk, cloud-hosted exposures in a given month were observed on new services that hadn't been present on their organization's attack surface in the month prior.  The researchers noted that this finding wouldn't be too concerning if cloud providers weren't so volatile.  But they are: the researchers estimated that, on average, over 20% of externally accessible cloud services change monthly.  This volatility is even more acute in the transport & logistics and insurance & financial sectors, where organizations must deal with 27% and 24% of cloud offerings evolving on a monthly basis.

Infosecurity reports: "Cloud to Blame for Almost all Security Vulnerabilities"