Security Teams Not Keeping Up With Exponential Cloud Server Growth

No shift to the cloud comes without a conversation about security, and for attendees of the annual Black Hat security conference, one of the main issues about moving companies to cloud computing is seen to be the increase of the attackable surface area.

Almost all of the respondents to a survey conducted by CloudPassage at the conference noted that when moving from traditional data centres to a cloud infrastructure environment, they increased the number of server workloads by a factor of two to 100 times.

‘Attackable surface area’

This, in turn, greatly increases their attackable surface area, and enterprises are worried. In fact, over three quarters of respondents said that security team hiring in the enterprise has not kept pace with this rate at which new server workloads are created, changed or retired in the cloud.

“Adopting cloud infrastructure and agile application delivery creates exponential growth in server workloads, meaning more potentially attackable surface area and more security management overhead,” said Carson Sweet, co-founder of CloudPassage. “At the same time, organisations rarely increase the size of their security teams at all, much less enough to keep up with the higher scale and pace.

Of those who reported an increase in the number of server workloads when they moved to the cloud, a third of respondents reported they doubled the number of server instances from the number in their traditional data centres. A quarter reported the number of server instances to be five times higher in the cloud than in their traditional data centres.

Only 28 percent of respondents to the survey reported that they are leveraging a full suite of tools that let them to secure and audit cloud server workloads automatically when configuring and deploying them. However, 37 percent have some security automation tools for configuration and deployment, but another 35 percent are not automating security for configuration or deployment at all.

Adrian Sanabria, security analyst at 451 Group, said: “There’s less and less separation between building out the application and building out the infrastructure. Security has to be built in. It has to be automated. It’s no longer something we deploy manually.”

Take our cybersecurity in 2016 quiz here!

Ben Sullivan

Ben covers web and technology giants such as Google, Amazon, and Microsoft and their impact on the cloud computing industry, whilst also writing about data centre players and their increasing importance in Europe. He also covers future technologies such as drones, aerospace, science, and the effect of technology on the environment.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago