▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | Italian Channel Awards | Italian Project Awards | Italian Security Awards | ...
InnovationOpenLab

Sysdig Finds that Companies are Prioritizing Convenience and Speed Over Cloud Security Best Practices

Sysdig, the leader in cloud security powered by runtime insights, today announced findings from its “2024 Cloud-Native Security and Usage Report.” Looking at real-world data, the seventh annual re...

Business Wire

Report exposes slow shift-left adoption, rampant identity management risk, and cautious AI rollout across enterprises

SAN FRANCISCO: Sysdig, the leader in cloud security powered by runtime insights, today announced findings from its “2024 Cloud-Native Security and Usage Report.” Looking at real-world data, the seventh annual report details the dangerous practice of putting convenience before preventive security in pursuit of faster application development. This report comes on the heels of significant infrastructure breaches across well-known organizations and the recently updated Securities and Exchange Commission (SEC) cybersecurity and disclosure rules.

Derived from an analysis of millions of containers and thousands of cloud accounts, users, and roles, the “2024 Cloud-Native Security and Usage Report” explores how companies of all sizes and industries across the globe are using and securing cloud and containerized environments. Meet the researchers behind the report.

Report Highlights

69% of enterprises have yet to embed AI into their cloud environments: While 31% of companies have integrated AI frameworks and packages, only 15% of these integrations are used for generative AI tools such as large language models (LLMs). Considering the risk acceptance described in this year’s report, organizations are ignoring security best practices, yet they are cautious when it comes to implementing AI into their enterprise environments.

91% of runtime scans fail: In shift-left security, organizations scan early and often during the development phase, recognizing failed builds, correcting the code, and then redeploying. The goal is to catch issues before delivery, and before they become exploitable conditions for attackers. However, with 91% of runtime scans failing, teams appear to be relying more on threat detection than prevention.

Only 2% of granted permissions are being used: Identity management – for both humans and machines – has become the most overlooked cloud attack risk and opportunity for companies to improve their security posture, especially in light of well-known 2023 attacks that took advantage of overly permissive identities. In last year’s report, Sysdig saw 90% of permissions going unused, showing that this trend has worsened year over year.

Shorter container lifespans are not stopping attackers: The homogenous nature of cloud environments and attackers’ usage of automation for discovery and reconnaissance gives them a near-instant understanding of cloud environments and their opportunities to move laterally. Running vulnerable workloads, no matter how short-lived, leaves organizations at risk for attacks.

“Attackers are leveraging automation to exploit every point of weakness they can uncover,” said Crystal Morin, Cybersecurity Strategist at Sysdig. “This year’s report shows that many companies are chasing faster innovation at the cost of more comprehensive security – a gamble that poses real business risks.”

“Though I am unsurprised by the apprehension around the security of new technologies like AI, I am disheartened by the massive number of excessive permissions being administered, especially for machine identities. It feels a bit like obsessing over a plane crash while regularly running stop signs with no seatbelt on,” said Anna Belak, Director, Office of Cybersecurity Strategy at Sysdig.

Learn More About the Report

About Sysdig

In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation. Sysdig. Secure Every Second.

Fonte: Business Wire

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

RSA at Cybertech Europe 2024

Alaa Abdul Nabi, Vice President, Sales International at RSA presents the innovations the vendor brings to Cybertech as part of a passwordless vision for…

Italian Security Awards 2024: G11 Media honours the best of Italian cybersecurity

G11 Media's SecurityOpenLab magazine rewards excellence in cybersecurity: the best vendors based on user votes

How Austria is making its AI ecosystem grow

Always keeping an European perspective, Austria has developed a thriving AI ecosystem that now can attract talents and companies from other countries

Sparkle and Telsy test Quantum Key Distribution in practice

Successfully completing a Proof of Concept implementation in Athens, the two Italian companies prove that QKD can be easily implemented also in pre-existing…

Most read

Roblox to Report Second Quarter 2025 Financial Results on July 31, 2025

Roblox Corporation (NYSE: RBLX) today announced that it will report the company’s second quarter 2025 financial results before the opening of the U.S.…

NiCE Unveils 2025 International CX Excellence Award Winners, Spotlighting…

#AI--NiCE (Nasdaq: NICE) today announced the winners of its 2025 International CX Excellence Awards, honoring organizations from across EMEA and APAC…

LambdaTest Announces Deeper Collaboration with Appium as Strategic Partnership

#AI--LambdaTest, a unified agentic AI and cloud engineering platform, has announced it has become a strategic sponsor of Appium, the world’s most widely…

ReSource Pro Makes Strategic Acquisition of Propellint; Expands Technology…

ReSource Pro today announced it has acquired Propellint, a technology services firm specializing in implementation and support for insurance platforms…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!