Case studies provide understanding of how lessons and mitigation concepts can be applied in real-world scenarios with identity and access management controls the most relevant mitigation
SEATTLE – Sept. 23, 2020 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today released Top Threats to Cloud Computing: Egregious 11 Deep Dive. The new report provides case study analyses for last year’s The Egregious 11: Top Threats to Cloud Computing with nine recent cybersecurity attacks and breaches. The deep dive into the Egregious 11 captures cloud computing’s most significant and pressing issues with additional details and actionable information meant to be used as a starting point by cloud architects and engineers for their own analysis and comparisons.
“These anecdotes will let cybersecurity managers better communicate with executives and peers in addition to providing context for discussions with technical staff and offers in-depth detail for implementing mitigations and countermeasures from a security analysis standpoint,” said Jon-Micheal C. Brook, CISSP, CCSK, chair, Top Threats Working Group and one of the paper’s lead authors.
Using nine actual attacks and breaches cited in the Top Threats Deep Dive, including a major financial services company, a leading enterprise video communications firm, and a multinational grocery chain for its foundation, the paper connects the dots between the CSA Top Threats in terms of security analysis. Each example offers a reference chart with an attack-style synopsis of the actor spanning from threats and vulnerabilities to end controls and mitigations, along with a detailed narrative.
“These case studies identify where and how CSA Top Threats fit in a greater security analysis while providing a clear understanding of how lessons and mitigation concepts can be applied in real-world scenarios,” said John Yeoh, Global Vice President of Research, Cloud Security Alliance.
Each case study’s mitigation controls were mapped according to how frequently they were relevant in the context of the Cloud Controls Matrix’s 16 domains. Identity and access management controls (IAM) were the most relevant mitigation in this year’s report, accounting for eight of the nine case studies, while Security Incident Management, e-Discovery, and Cloud Forensics (SEF), including planning for an attack fallout and executing on the plan, was deemed paramount to successfully dealing with all but one of the incidents cited. IAM controls are referenced 15 times and SEF controls are referenced 17 times in the cited attacks.
The CSA Top Threats Working Group aims to provide organizations with an up-to-date, expert-informed understanding of cloud security risks, threats and vulnerabilities in order to make educated risk-management decisions regarding cloud adoption strategies. Companies and individuals interested in learning more or joining the group can visit the Top Threats Working Group page.
Top Threats to Cloud Computing: Egregious 11 Deep Dive was sponsored by ExtraHop. CSA research prides itself on vendor neutrality, agility, and integrity of results. Sponsors are CSA Corporate Members who support the findings of the research project but have no added influence on the content development or editing rights of CSA research.
ExtraHop is on a mission to arm security teams to confront active threats and stop breaches. ExtraHop is a market share leader in network detection and response with 30 recent industry awards including Forbes AI50, Cybercrime Ransomware 25, and SC Media Security Innovator.
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA’s activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us atwww.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.