Rain, Hail, or Insider threat? A Risk-Based Approach to Cloud Threats
Summary
This article discusses the growing risks of cloud threats, highlighting that 24% of breaches involve cloud assets and 25% of breaches stem from internal incidents, with nearly half of those being malicious. It announces a talk that will cover monitoring cloud threats, the evolution of insider threats, abuse of cloud controls with AWS as an example, real-world attacks, detection methods using UEBA and machine learning, and cloud threat modeling.
IFF Assessment
The article promotes a talk about cloud threat monitoring and detection, offering valuable insights and techniques for defenders.
Defender Context
Organizations must be aware that cloud environments, while offering scalability and accessibility, also present significant risks from both external and internal threats. Defenders should focus on robust monitoring strategies that incorporate UEBA and machine learning to detect the misuse of cloud controls and insider activities, as well as develop comprehensive cloud threat models.