CyberCX Hack Report: Insights from a year of offensive security testing

INCIDENT RESPONSE
CONTACT US
INCIDENT RESPONSE CONTACT US
CyberCX Blog

Navigating the Cloud Security Landscape

Blogs from CyberCX

Published by Cloud Security and Solutions on 1 December 2024

 

Cloud security in Australia is evolving fast, and staying ahead of threats to build cyber resilience is more critical than ever.

But what are the best ways to do this?

What are the main threats, challenges, and considerations that Australian organisations need to consider in 2025 and beyond?

Recently, we enlisted two of our cyber security experts, Aleksandar Gogic and Jacob Estrin, to host a CyberCX webinar on how organisations can identify cyber risks and build a secure strategy for their cloud environment.

Aleksandar guided us through several key takeaways, including statistics from our recent customer benchmarking reports, general market trends and challenges, and how CyberCX can help you and your organisation navigate this landscape with confidence.

Is your organisation ready for a new cyber security plan? To learn more about how you can defend against threats and embrace the opportunities of cloud, talk to the experts at CyberCX today.

 

What our customers say about cloud security

At CyberCX, a key component of our cyber security outlook is what our customers are telling us.

We frequently ask our customers to share their views on cloud security through our customer benchmarking reports.

Through customer surveys, we evaluate their current approach and gain a better understanding of the general sentiment of the market and industry.

Below are some of the key statistics from our latest benchmarking.

  • 45% of the surveyed customers said they lack clear cloud security strategies or any formal documentation about their cloud security strategies.
  • 1 in 3 of the surveyed customers identified having limited governance capabilities, either in relation to definition of roles or their change management capabilities.
  • 1 in 2 of the surveyed customers identified having data sovereignty challenges, that is, challenges relating to where their data is located. We commonly see this issue with cloud services like CDNs (content delivery networks), which capture and distribute data in an unknown or under-managed fashion. Customers may find it difficult to keep their data sovereign to Australia or their chosen jurisdiction.
  • 1 in 2 of the surveyed customers identified challenges relating to security visibility, that is knowledge of where their services are deployed, which workloads they’re running, and where their data is.
  • $1-2 million AUD is spent annually in Australia on cloud-related services. This figure has grown alongside the increase of new capabilities in the cloud and reflects the importance of general cloud services as well as security within that environment.
  • 10% of the surveyed customers consistently track return on investment for cloud adoption. We don’t know how many track ROI for cloud security, but we can assume it’s a lower figure.

 

6 key challenges for the industry

The statistics above capture the ever-changing nature of cloud security.

To gain a better understanding of where the industry is now, we asked our team of cyber security experts to outline six key challenges.

  • Complexity: The dynamic nature of cloud coupled with complex architecture and tool sprawl has created increasingly complex environments. These environments often grow organically with tailored architecture and integrations but are not always efficient. For instance, we often see customers grow accustomed to one tool, only to be sold a second tool by a vendor without the required knowledge to use both tools in a complementary way.
  • Visibility: It’s not always easy for organisations to know exactly where their servers and workers are deployed and where their data is located. Multi-cloud, cross-region cloud deployments create complexity, which impacts visibility.
  • Security alert fatigue: When cloud operation teams are using lots of different tools that feed different pieces of information, and not always with context, they may be more prone to tracking irrelevant information or false positives and overlooking significant alerts.
  • Misconfiguration: This is often caused by excessive ClickOps (i.e. configuring web infrastructure through graphical user interfaces or GUIs). ClickOps are dangerous in the sense that they can accommodate accidental changes or excessive permission to users that may cause harm. We recommend clearly defined IaC (infrastructure as code) processes that ensure security checks for anything pushed through into a production or cloud environment.
  • Governance: It’s important for organisations to enforce their security policies, standards and procedures across growing capabilities.
  • Cloud security team: If you’ve been in the hiring game for cloud services, you will know it’s difficult to find both cloud professionals and security professionals. Finding professionals with an intersection of cloud and security experience can be quite challenging.

 

6 key threats for customers

The cloud security industry and its customers not only face the general challenges above but must also develop strategies for specific threats. Below, we outline six current threats based on personal experiences with customers and industry forecasting.

  • API misconfigurations: More and more, we are seeing AIs that have been misconfigured or have underlying vulnerabilities being exploited by various threat actors.
  • Supply chain actors: Attackers with access to critical cloud components can inject malicious artifacts into software or hardware. When supply chains are compromised, workplaces and encryption mechanisms may be more susceptible to attack.
  • AI prompt injection: Attackers may manipulate LLMs (large language models) by using malicious traffic inputs disguised as genuine prompts. For instance, your finance and HR departments may both use the same LLM, but with different clearance levels. An attacker may be able to access high-clearance HR information through inputs from a low-clearance finance persona.
  • Insider threats: Insider threats are also on the rise, making a well-defined identity and access system a must.
  • Poor identity practices: We’re seeing a lot of poor identity standardisation and enforcement processes, resulting in inadequate access scope and visibility.
  • Shadow IT: It’s not uncommon for teams within an organisation to deploy shadow IT, or IT systems separate to the central systems. Someone will grab the corporate credit card, purchase a new cloud system, and spawn their own cloud environment without the usual rules of governance and risk mitigation in place.

 

The CyberCX cloud security roadmap

It’s clear that going into 2025, organisations are facing an increasing number of challenges and threats relating to cloud security. Fortunately, we can help you navigate the cloud security landscape through our proven roadmap for success – known as our ‘cloud security uplift journey’.

  • Plan: We will work with you to create a new cloud security strategy, or a cloud strategy with a sub-component of security requirements. Our goal is to outline a central architecture in line with your security requirements and industry obligations. We will also devise a roadmap that explains how you can move from your current state to the target state in the months or years ahead.
  • Transform: First, we will develop a secure landing zone by either revising your pre-existing landing zone or building a new landing zone. We will incorporate a range of cloud security solutions, including CNAP (cloud-native application protection) and CSPM (cloud security posture management). We will also securely migrate workloads into the new cloud environment and ensure we are leveraging the cloud’s native features.
  • Advise: The advising stage is closely connected to the transforming stage. At this point, we want to make sure your new cloud security environment and the uplift journey comply with best practices and government regulations. We also want to ensure your new security architecture is aligned with your business goals and doesn’t introduce any unnecessary complexities.
  • Operate: We will continue to work with you to ensure secure cloud operations, including the availability and reliability of applications, ongoing cloud security posture management, and full visibility and control of your security landscape.

 

Access the latest cloud security solutions with CyberCX

CyberCX partners with a wide range of private and government organisations to defend against cyber threats and embrace the opportunities of cloud technology. Our goal is to create and shape security environments that make sense and are well-defined and help organisations achieve their security, governance, and business objectives.

If you would like to learn more about the current cloud security landscape, including challenges, threats and opportunities for your organisation, explore our online webinar series or talk to an expert today.

 

TALK TO AN EXPERT     VIEW ALL WEBINARS

Next

Privilege Elevation and Logging Bypass Vulnerabilities in OpenText Content Manager

Other Cyber Security Resources

Shift-Left with Threat Modelling: A Quick Guide for Startups and SMEs Building Technology

Read More

Incoming Cyber Regulations: Your Guide to Staying Ahead in 2025

Read More

Harnessing the power of Named Pipes

Read More

Palo Alto Cortex XDR bypass

Read More

Ready to get started?

Find out how CyberCX can help your organisation manage risk, respond to incidents and build cyber resilience.

Talk to an expert