Every year, Rapid7's team of cloud security experts and researchers put together a report to review data from publicly disclosed breaches that occurred over the prior year. The goal of this report is to unearth patterns and trends in cloud-related breaches and persistent exposures, so organizations around the world can better protect against threats and address cloud misconfigurations in their own environments.
In the 2022 Cloud Misconfigurations Report, we reviewed 68 accounts of breaches from 2021. Let's take a brief look at some of the findings from this report, including what industries are being targeted, what the bad guys are looking to gain, and what you can do to shore up your cloud security.
For more information, read Rapid7's full 2022 Cloud Misconfigurations Report.
What industries are being targeted?
In the subset of breaches we studied, there was a broad distribution of affected industries. Our sample had the following industries represented:
InformationHealthcarePublic administrationRetailProfessional servicesArts and entertainmentManufacturingFinanceEducational servicesTransportationReal estateAccommodation and food servicesUtilitiesThis is a notable swath of industries, especially considering the sample size. Among the organizations affected by breaches, some were prominent brands and even staples of the Fortune 500, not just startups operating on shoestring budgets. These organizations have the resources and expertise to establish the gold standard of cloud security best practices, so it just goes to show that anyone is susceptible to breaches due to cloud misconfigurations.
While we found that breaches can hit any organization, no matter their size and prestige, organizations in high-risk industries — like information, healthcare, and public administration — should be especially cautious. The information industry, in particular, was represented at the top of our list, with ..
Support the originator by clicking the read the rest link below.
