Almost as quickly as we experienced the pivot to work-from-home and to move-to-the-cloud to minimize the economic impact of the pandemic, we also saw what felt like a pick up in significant cyberattacks, from the Solarwinds supply chain attack to a raft of ransomware incidents.
How can your organization avoid such attacks? Did moving workers home and more workloads to the cloud actually increase the cyber risk for businesses? David Christensen, who has spent a decade working on cloud security at several startups and is now director of Global InfoSec Engineering and Operations for cloud and digital transformation at fintech B2B company WEX, believes that a little-known vulnerability is the cause of many of today’s cloud security issues.
He says the biggest security gap today in the cloud has to do with cloud entitlements. Anything running in the cloud must have some sort of entitlement associated with it for it to interact with other resources — for instance, giving a server permission to access a particular storage or giving a server the ability to launch another service.