CloudPassage Survey: Exponential Server Growth, Dynamics of Cloud Increase Attackable Surface Area and Risk

August 22, 2016 Off By David
Grazed from CloudPassage

CloudPassage today announced the results of a survey revealing the impact of cloud deployment on enterprise security risk. The company surveyed information security professionals attending the Black Hat 2016 Conference and found that the agility, scalability and dynamic nature of the cloud has increased the number of server workloads and attackable surface area that require protection and monitoring. At the same time, security staff sizes remain the same, and many are still not automating security controls on cloud workloads.

Key Findings

  • An overwhelming number (94 percent) of respondents noted that when moving from traditional data centers to a cloud infrastructure environment, they increased the number of server workloads (and, thus, their attackable surface area) by a factor of two to 100 times.
  • Of those who reported an increase in the number of server workloads when they moved to the cloud, a third of respondents (33 percent) reported they doubled the number of server instances from the number in their traditional data centers. A quarter (25 percent) reported the number of server instances to be five times higher in the cloud than in their traditional data centers.
  • 95 percent of respondents noted that they must create, modify or retire server workloads anywhere from two to 100 times more frequently in cloud infrastructure environments than in their traditional data centers.
  • 85 percent of IT security professionals said security team hiring has not kept pace with the rate at which new server workloads are created, changed or retired in the cloud.
  • Only 28 percent of respondents are leveraging a full suite of tools that enable them to secure and audit cloud server workloads automatically when configuring and deploying them; 37 percent have some security automation tools for configuration and deployment, but another 35 percent are not automating security for configuration or deployment at all.
  • The majority of respondents (62 percent) reported they are beginning to automate some or all of the tools they use to secure and audit workloads in cloud infrastructure environments. Respondents said the security tools they most commonly automate are: firewalls and segmentation tools (19 percent) and intrusion detection tools (18 percent).

"Adopting cloud infrastructure and agile application delivery creates exponential growth in server workloads, meaning more potentially attackable surface area and more security management overhead," said Carson Sweet, co-founder and chief technology officer of CloudPassage. "At the same time, organizations rarely increase the size of their security teams at all, much less enough to keep up with the higher scale and pace. While organizations have started to understand that cloud infrastructure can deliver faster development, deployment, and innovation cycles, many are not thinking about the related impact to security operations. It only takes one compromise to derail adoption of these new technologies and wreck the value they otherwise could have added. We hope enterprises seek to protect these investments sooner than later by enabling security that’s dynamic, automated and on-demand…in other words, agile security that can harmonize with more broadly agile IT delivery models."

Supporting Quote

Adrian Sanabria, Senior Security Analyst, 451 Group: "There’s less and less separation between building out the application and building out the infrastructure. Security has to be built in. It has to be automated. It’s no longer something we deploy manually."

Survey Methodology
To gather this data, live interviews were conducted with IT security professionals attending the Black Hat USA Conference from August 2-4, 2016.