Misconfiguration Worries Grow

Misconfigurations are a major security concern when running business applications in the public cloud. Errors in how infrastructure, applications and policies are set up can have significantly different impacts, but they all get labeled under the heading of “misconfiguration.”
First the bad news. In the SANS Institute‘s latest survey of information security professionals, 54% believe that poorly configured or insecure interfaces or APIs are a major concern when it comes to business applications, which is an increase from the 46% that felt that way in the 2019 version of the study. One in every 2.5 security pros concerned about these types of misconfigurations actually saw their fears come true in the last 12 months with an insecure interface or API being exploited.
Contrast that to the experience with poorly configured or quickly spun up cloud native workloads (serverless or container-based). Concerns about this problem have also increased, going from 41% to 46% of the survey. Yet, when it comes to actually experience problems, that has not followed at that same pace. In the 2021 study, only 20% had recently experienced a relevant incident, which is six percentage points lower than in 2019.
When an actual incident did occur, a misconfigured cloud resource or service was a culprit 49% of the time. Attacks against insecure APIs and cloud providers are also on the rise. For all the increases, there were also dramatic declines. For breaches that impacted business applications running in a public cloud, privileged user abuse and unauthorized applications were much less likely to be underlying causes. That’s good news for everyone except for investors in companies in the identity and role-based management space.

Source: SANS 2021 Cloud Security Survey.