World Tour Survey: Cloud Engineers Wrestle with Risk

Cybercriminals have more tools than ever to disrupt business operations, steal data for ransom, and manipulate employees into exposing sensitive information. Generative AI (GenAI) is taking those capabilities to new levels by enhancing phishing attacks and enabling audio and video deepfakes.

Security professionals are also facing new pressures from chief executives and corporate boards who increasingly understand the legal, financial, and reputational risks cyber threats pose to businesses.

To find out how these and other developments are shaping the day-to-day experience of cybersecurity professionals worldwide, Trend conducted its inaugural Risk to Resilience World Tour Survey. We surveyed more than 750 cybersecurity professionals in 49 countries, with a focus on four key roles:

• Chief information security officer (CISO) –Read more here.
• Security operations center (SOC) team – Read more here
• IT operations staff – Read more here
• Cloud security engineers

This blog explores our findings from cloud security engineer respondents. Check out the full report, The Defenders, to read about the other roles.

Cloud security engineers: Letting in the light

Modern enterprises depend on cloud services, applications, and infrastructure—making the protection of cloud assets and services vitally important. The expertise of cloud security engineers is required to provide visibility into the full range of cloud exposures.

Compliance is critical

While organizations can benefit immensely from the cloud, compliance needs to accounted for. Cloud environments require special protection because they typically store sensitive data that is governed by strong compliance requirements for data storage, protection, and transaction management. Customer data and personal identifying information (PII) breaches run the risk of negatively impacting your financial and/or reputational standing.

Gaining full visibility into cloud vulnerabilities, misconfigurations, and threat activity helps mitigate this risk. Yet cloud telemetry has long been siloed from the rest of the security stack. Cloud security engineers understand that this needs to change, with survey results indicating that mapping risk, misconfigurations and vulnerabilities is their top challenge (27%) when implementing and maintaining cloud security. Misconfigurations in particular continue to be the primary access point for attackers into cloud infrastructure.

Minimizing exposure at high speed

The Risk to Resilience World Tour Survey indicates that cloud security engineers face other challenges as well. These include visibility of publicly exposed assets and APIs (20%) as well as, at the same percentage, businesses pursuing innovation while needing to fully protect data and applications in hybrid cloud environments.

Read More HERE