On average, organisations take six days to resolve a security alert: Palo Alto Networks Unit 42 Cloud Threat Report

0

Palo Alto Network released the Unit 42 Cloud Threat Report, Volume 7. It looks at data collected over the past 12 months and provides a wide-angle view of the status of common misalignments, leaving the door open to malicious activity.

Unit 42 looked at more than 1,300 organisations to create this report and analysed the workloads in 210,000 cloud accounts/subscriptions/projects across all major CSPs. With the rate of cloud migration showing no sign of slowing down—from $370 billion in 2021 and predicted to reach $830 billion in 2025 – threat actors are looking to exploit common issues in the cloud, including misconfigurations, weak credentials, lack of authentication, unpatched vulnerabilities, and malicious open source software packages.

Key findings from the report include:

  • On average, security teams take 145 hours (approximately six days) to resolve a security alert, with 60% of organisations taking longer than four days to resolve security issues.
  • 80% of the alerts are triggered by just 5% of security rules in most organisations’ cloud environments.
  • 63% of the codebases in production have unpatched vulnerabilities rated high or critical on the Common Vulnerability Scoring System (CVSS ≥ 7.0)
  • 76% of organisations don’t enforce Multifactor Authentication for console users, while 58% don’t enforce MFA for root/admin users.
  • Sensitive data, such as personal identifiable information, financial records, or intellectual property, are found in 66% of storage buckets and 63% of publicly exposed storage buckets.
  • 51% of codebases depend on more than 100 open-source packages. However, developers directly import only 23% of the packages.

“India’s accelerated digital transformation has meant that more sensitive data is stored in the cloud today—making it easier for adversaries to attack. This digital transformation is being made in anticipation of benefits such as enhanced agility, lowered costs, flexibility, and accessibility. However, our Cloud Threat Report demonstrates that if done without a cybersecurity-first approach, a slew of vulnerabilities are quick to follow. Further compounding the matter is that 60% of organisations take longer than four days to resolve cybersecurity issues, while threat actors typically need only a few hours to wreak havoc ”, said Anil Valluri, MD & regional vp – India & SAARC, Palo Alto Networks. “Without a proactive approach to cybersecurity, organisations can pay for any security tools – but comprehensive cybersecurity will not be attained.

“The bottom line to our findings is simple: your organisation may not be as secure as you think. It is time for us to take serious note of today’s threat landscape.” Valluri added.

LEAVE A REPLY

Please enter your comment!
Please enter your name here