Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Report sounds the alarm on toxic cloud exposures threatening Indian organisations – ET CISO

Report sounds the alarm on toxic cloud exposures threatening Indian organisations – ET CISO

Report sounds the alarm on toxic cloud exposures threatening Indian organisations – ET CISO

https://etimg.etb2bimg.com/thumb/msid-114090161,imgsize-402500,width-1200,height=765,overlay-etciso/research/report-sounds-the-alarm-on-toxic-cloud-exposures-threatening-indian-organisations.jpg


<p>Rajnish Gupta</p>
Rajnish Gupta

Tenable, the exposure management company, released the Tenable Cloud Risk Report 2024, highlighting that organisations globally and in India are unknowingly exposed to the “toxic cloud triad,” a trifecta of cloud security risks that could lead to severe data breaches and financial losses.

The report is based on extensive analysis of billions of cloud assets across data gathered from billions of cloud assets across multiple public cloud environments. The data collected during the first half of 2024 (Jan – Jun) includes a comprehensive set of cloud workload and configuration information from real-world cloud assets in active production.

With the rapid adoption of cloud technology across industries in APAC, the report underscores the challenges posed by misconfigurations, excessive permissions, and critical vulnerabilities that open doors to threat actors. The findings reveal that 38% of organisations have at least one publicly exposed, critically vulnerable, and highly privileged cloud workload, forming the toxic cloud triad.

Many breaches reported worldwide in 2024 resulted from 1-day vulnerabilities exploited on exposed workloads. Of these, some of the most dangerous breaches involved lateral movement by using the privileges of the compromised workloads.

“With cyber risks spreading across every corner of the business, the threat level has become unsustainable,” said Rajnish Gupta, Country Manager, Tenable India. “To tackle the biggest vulnerabilities, organisations need to understand toxic cloud triads and other risky combinations—and know exactly what data is exposed. Attackers exploit the gaps, slipping through outdated defences that can’t keep up or react fast enough.”

Additional key findings from Tenable’s Cloud Research team include:

84% of organisations have risky access keys to cloud resources: The majority of organisations (84.2%) possess unused or longstanding access keys with critical or high severity excessive permissions, a significant security gap that poses a substantial risk.

23% of cloud identities have critical or high severity excessive permissions: Analysis of Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure reveals that 23% of cloud identities, both human and non-human, have critical or high severity excessive permissions.

Critical vulnerabilities persist: Notably, CVE-2024-21626, a severe container escape vulnerability that could lead to the server host compromise, remained unremediated in over 80% of workloads even 40 days after its publishing.

74% of organisations have publicly exposed storage: 74% of organisations have publicly exposed storage assets, including those in which sensitive data resides. This exposure, often due to unnecessary or excessive permissions, has been linked to increased ransomware attacks.

78% of organisations have publicly accessible Kubernetes API servers: Of these, 41% also allow inbound internet access. Additionally, 58% of organisations have cluster-admin role bindings — which means that certain users have unrestricted control over all the Kubernetes environments.

  • Published On Oct 10, 2024 at 11:12 AM IST

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles


Scan to download App

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket