Dive Brief:
- Companies need to limit the amount of privileged access in their environments as a growing number of firms accelerate the use of public cloud infrastructure, according to Arick Goomanovsky, co-founder and chief business officer at Ermetic.
- A large percentage of firms are moving away from storing critical information in on-site data centers and shifting their data to cloud-based systems, according to 451 Research. This is especially the case since the acceleration of remote work due to COVID-19.
- Traditional methods of securing access privileges may not be enough to protect cloud data infrastructures from attack, according to Ermetic.
Dive Insight:
The recently disclosed nation-state attack on SolarWinds has forced open a debate in the IT and cybersecurity industries about whether companies need to reduce the level of access privileges outside vendors and internal administrators have to critical company data.
A threat actor can weaponize a compromised vendor, and if a company grants too much access, the actor can take control of various functions and data going through the supply chain.
In 2019, Capital One was hit by a massive data breach, which compromised the data of 106 million customers from the U.S. and Canada. A former Amazon Web Services employee was charged with exploiting a misconfigured web application firewall, which exposed millions of credit card applications.
The hack opened up a debate over the risks of public cloud storage. However, Capital One stuck with AWS and became the first major U.S. financial institution to finish moving its entire infrastructure to the public cloud.
"In the Capital One story, this is actually what happened, the threat actor was able to use the compromised identity and use its elevated permissions to move towards the more interesting resources, access S3 buckets and exfiltrate that information out," Goomanovsky said during a webinar this week.
If Capital One had been able to map all of its privileged identities and what the effective permissions were across the infrastructure, it would have been able to see there was an elevated identity in its environment, he said.
By the year 2022, the percentage of workloads executed in public cloud environments, including SaaS and IaaS, will reach 52%, compared to 26% during 2020, according to Garrett Bekker, a principal analyst in the information security practice at 451 Research.
Over the same period, traditional on-premises workloads will drop significantly to 17% by 2022, compared with 46% in 2020.