▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | GreenCity | Italian Channel Awards | Italian Project Awards | ...
InnovationOpenLab

Sysdig Finds that Companies are Prioritizing Convenience and Speed Over Cloud Security Best Practices

Sysdig, the leader in cloud security powered by runtime insights, today announced findings from its “2024 Cloud-Native Security and Usage Report.” Looking at real-world data, the seventh annual re...

Business Wire

Report exposes slow shift-left adoption, rampant identity management risk, and cautious AI rollout across enterprises

SAN FRANCISCO: Sysdig, the leader in cloud security powered by runtime insights, today announced findings from its “2024 Cloud-Native Security and Usage Report.” Looking at real-world data, the seventh annual report details the dangerous practice of putting convenience before preventive security in pursuit of faster application development. This report comes on the heels of significant infrastructure breaches across well-known organizations and the recently updated Securities and Exchange Commission (SEC) cybersecurity and disclosure rules.

Derived from an analysis of millions of containers and thousands of cloud accounts, users, and roles, the “2024 Cloud-Native Security and Usage Report” explores how companies of all sizes and industries across the globe are using and securing cloud and containerized environments. Meet the researchers behind the report.

Report Highlights

69% of enterprises have yet to embed AI into their cloud environments: While 31% of companies have integrated AI frameworks and packages, only 15% of these integrations are used for generative AI tools such as large language models (LLMs). Considering the risk acceptance described in this year’s report, organizations are ignoring security best practices, yet they are cautious when it comes to implementing AI into their enterprise environments.

91% of runtime scans fail: In shift-left security, organizations scan early and often during the development phase, recognizing failed builds, correcting the code, and then redeploying. The goal is to catch issues before delivery, and before they become exploitable conditions for attackers. However, with 91% of runtime scans failing, teams appear to be relying more on threat detection than prevention.

Only 2% of granted permissions are being used: Identity management – for both humans and machines – has become the most overlooked cloud attack risk and opportunity for companies to improve their security posture, especially in light of well-known 2023 attacks that took advantage of overly permissive identities. In last year’s report, Sysdig saw 90% of permissions going unused, showing that this trend has worsened year over year.

Shorter container lifespans are not stopping attackers: The homogenous nature of cloud environments and attackers’ usage of automation for discovery and reconnaissance gives them a near-instant understanding of cloud environments and their opportunities to move laterally. Running vulnerable workloads, no matter how short-lived, leaves organizations at risk for attacks.

“Attackers are leveraging automation to exploit every point of weakness they can uncover,” said Crystal Morin, Cybersecurity Strategist at Sysdig. “This year’s report shows that many companies are chasing faster innovation at the cost of more comprehensive security – a gamble that poses real business risks.”

“Though I am unsurprised by the apprehension around the security of new technologies like AI, I am disheartened by the massive number of excessive permissions being administered, especially for machine identities. It feels a bit like obsessing over a plane crash while regularly running stop signs with no seatbelt on,” said Anna Belak, Director, Office of Cybersecurity Strategy at Sysdig.

Learn More About the Report

About Sysdig

In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation. Sysdig. Secure Every Second.

Fonte: Business Wire

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

ShopFully goes shopping in Spain (again)

ShopFully, the Italian company leader in Europe in drive-to-store solutions, acquired the Spanish Ofertia.

Sicily is more and more digitally connected

Thanks to EXA Infrastructure investments, more routes provide rapid access to mainland Italy and beyond

Italian startup Audio Innova combines AI and metaverse for art preservation

Audio Innova won the first prize in the "Creative AI" category at WAICF in Cannes

Sparkle expands its international network to Iraq

With a new Point of Presence in Erbil, Sparkle consolidates its positioning as leading global Tier-1 operator

Most read

Sicily is more and more digitally connected

Thanks to EXA Infrastructure investments, more routes provide rapid access to mainland Italy and beyond

ShopFully goes shopping in Spain (again)

ShopFully, the Italian company leader in Europe in drive-to-store solutions, acquired the Spanish Ofertia.

Globalstar, Inc. Earnings Release and Call Notice

Globalstar, Inc. (NYSE American: GSAT) will announce its fourth quarter and annual 2023 financial and operating results on Wednesday, February 28, 2024…

Altimetrik Unveils a Market First Digital Business Methodology

With global spending on digital technologies and AI projected to exceed $3.4 trillion by 2026, the urgency to embrace digital business has never been…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!