Cybersecurity solutions firm Palo Alto Networks has cautioned that organisations are not as secure as they assume they are and wanted them to have a visibility on their networks to plug vulnerabilities, if any.

In the Unit 42 Cloud Threat Report, which assessed real breaches that impacted over 1,300 medium and large-size companies last year, it flags several issues that can expose organisations to cyber attacks. It also analysed the impact of open-source software (OSS).

It takes about six days on average for security-defending teams at organisations to resolve a security alert. For a majority (60 per cent) of them, it takes more than four days.

Interestingly, about 80 per cent of the alerts are triggered by just 5 per cent of security rules in the cloud environments of most organisations. 

Also read: What is cyber insurance? Do small units need cover?

The absence of enforcement of multi-factor authentication is also reported.

“With the rate of cloud migration showing no sign of slowing down—from $370 billion in 2021 and predicted to reach $830 billion in 2025 – threat actors are looking to exploit common issues in the cloud,” the report said.

Vulnerabilities included misconfigurations, weak credentials, lack of authentication, unpatched vulnerabilities, and malicious opensource software packages. 

Serious note

“India’s accelerated digital transformation has meant that more sensitive data is stored in the cloud today, making it easier for adversaries to attack,” Anil Valluri, MD and regional Vice-President (India & SAARC) of Palo Alto Networks, said.

“This digital transformation is being made in anticipation of benefits such as enhanced agility, lowered costs, flexibility, and accessibility. If done without a cybersecurity-first approach, a slew of vulnerabilities are quick to follow,” he cautions.

While it takes more than four days for organisations to resolve cybersecurity issues, threat actors typically need only a few hours to wreak havoc, he said.

“The bottom line to our findings is simple: your organisation may not be as secure as you think. It is time for us to take serious note of today’s threat landscape.” Valluri added.

comment COMMENT NOW