Cloud Infrastructure And SaaS

The user has become a more important attack vector than the device since COVID-19, meaning that businesses must think about risk in the context of both identity and device rather than just the device, said Tim Erlin, Tripwire’s vice president of strategy. Companies must examine the risk associated with each connection request, considering the sensitivity of the resource they’re looking to access, he said.

Most organizations are now securing cloud workloads, but cloud infrastructure, configurations and SaaS continue to remain a blind spot for a majority of businesses, according to Erlin. Companies don’t understand the risks associated with misconfigured cloud or SaaS accounts, and lack the resources, expertise and tools to properly secure cloud infrastructure, Erlin said.

More attackers are leveraging containers and cloud misconfigurations in their exploits due to the lack of cybersecurity instrumentation available for defenders, according to Erlin. In response, businesses are moving away from control-specific measurements around vulnerabilities and malware incidents toward a more comprehensive risk measurement capability that’s meaningful for the whole organization.