Connect with us

TECHNOLOGY

81% of companies had a cloud security incident in the last year

Published

on

A security camera.


As many as 81% of organisations have experienced a cloud-related security incident over the last 12 months, with almost half (45%) suffering at least four incidents.

This is according to a study by Venafi, a provider of machine identity management, which has evaluated the complexity of cloud environments and its impact on cybersecurity.

The underlying issue for these security incidents is the dramatic increase in security and operational complexity connected with cloud deployments. And, since the organizations in this study currently host two fifths (41%) of their applications in the cloud but expect increase to 57% over the next 18 months, this complexity will continue to increase.

More than half (51%) of the security decision makers (SDMs) in the study believe security risks are higher in the cloud than on premises, citing several issues that contribute to those risks. The most common cloud-related security incidents respondents have experienced are:

  • Security incidents during runtime (34%)
  • Unauthorized access (33%)
  • Misconfigurations (32%)
  • Major vulnerabilities that have not been remediated (24%)
  • A failed audit (19%)

The key operational and security concerns that SDMs have in relation to moving to the cloud are:

  • Hijacking of accounts, services or traffic (35%)
  • Malware or ransomware (31%)
  • Privacy/data access issues, such as those from GDPR (31%)
  • Unauthorized access (28%)
  • Nation state attacks (26%)

Kevin Bocek, VP of security strategy and threat intelligence at Venafi, said: “Attackers are now on board with business’ shift to cloud computing.

“The ripest target of attack in the cloud is identity management, especially machine identities. Each of these cloud services, containers, Kubernetes clusters and microservices needs an authenticated machine identity – such as a TLS certificate – to communicate securely. If any of these identities is compromised or misconfigured, it dramatically increases security and operational risks.”

The study also investigated how responsibility for securing cloud-based applications is currently assigned across internal teams.  This varies widely across organizations, with enterprise security teams (25%) the most likely to manage app security in the cloud, followed by operations teams responsible for cloud infrastructure (23%), a collaborative effort shared between multiple teams (22%), developers writing cloud applications (16%) and DevSecOps teams (10%). However, the number of security incidents indicates that none of these models are effective at reducing security incidents.

When asked who should be responsible for security cloud-based applications, again, there was no clear consensus.  The most popular option shares responsibility between cloud infrastructure operations teams and enterprise security teams (24%). The next most popular options are share responsibility across multiple teams (22%), leaves responsibility with developers writing cloud applications (16%) and DevSecOps teams (14%).

The challenges connected with shared responsibility models is that security teams and development teams have very different goals and objectives. Developers need to move fast to accelerate innovation while security teams often do not have visibility into what development teams are doing. Without this visibility, security teams cannot evaluate how those controls stack up against security and governance policies.

“Security teams want to collaborate and share responsibility with the developers who are cloud experts, but all too often they’re left out of cloud security decisions,” continued Bocek.

“Developers are making cloud-native tooling and architecture decisions that decide approaches to security without involving security teams. And now we can see the results of that approach: security incidents in the cloud are rapidly growing. We need to reset the approach to cloud security and create consistent, observable, controllable security services across clouds and applications. Architecting in a control plane for machine identity is a perfect example a new security model created specifically for cloud computing. This approach embeds security into developer processes and allows security teams to protect the business without slowing down engineers.”

Tags:



Source link

TECHNOLOGY

Why Using AI in Education Could Be a Game Changer

Published

on

Why Using AI in Education Could Be a Game Changer


An assistant to teachers and a guide to students, AI in education can transform the entire education industry.

It allows teachers and students alike to extract helpful information whenever required and has several other benefits.

Why Using AI in Education Could Be a Game Changer Keyword phrase: AI in education An assistant to teachers and a guide to students, AI in education can transform the entire education industry. It allows teachers and students alike to extract helpful information whenever required and has several other benefits. Generally, the ratio of students to teachers in a classroom is relatively high, and sometimes, managing and giving the same amount of attention to all the students for a single teacher can be difficult. AI in education can act as the teacher’s assistant and help them in various areas. Technology is advancing in all sectors and proving to be a great boon. One such industry is education. The general market for AI in education is expected to reach $25.7 billion by the year 2030. A child’s mind is curious, and they have questions that humans may sometimes fail to answer correctly. To feed this curiosity, AI in education could be the solution whenever they need it.

Use of AI in Education

AI in education has the power to optimize both teaching and learning. It will enable both teachers and students to evolve and sharpen their skills. Here are some ways AI can prove beneficial in the education sector.

Use_of_AI_in_Education.png

1. Automation of Tasks

There are certain tasks, such as planning, grading and scheduling of lessons, that take up a significant amount of the teacher’s time. This increases their workload and decreases their time and ability to teach in a classroom. By automating such manual work, teachers can free up their time and focus on their core competencies, like teaching and aiding students with special needs.

2. Personalization of Courses

By understanding the student’s learning preferences, speed of learning, and extent of knowledge, AI can churn out personalized programs to help cater to the students and enhance and simplify their learning experience. For a teacher to manually do the same task could be time-consuming, but AI can come to their aid here and simplify the personalization of courses.

3. Solutions to Queries

AI-powered chatbots have access to the entire school’s knowledge base. The chatbots can answer any repetitive or general questions without the intervention of a faculty member. This helps to speed up the doubt-clearing process for a student so that they can continue with their studies without any interruptions for themselves or the teacher.

 

Integrating AI in education allows teachers to provide students with personalized learning, which helps to enhance students’ knowledge. This helps the child to learn at their own pace. Students also have the opportunity to resolve any queries quickly and not rely on the faculty to answer their questions. The deployment of AI in education allows students to learn better and faster and helps teachers to reduce their workload by automating manual tasks. From presentations to virtual reality, technology is poised to bring about many advances in the education sector.



Source link

Continue Reading

DON'T MISS ANY IMPORTANT NEWS!
Subscribe To our Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

Trending

en_USEnglish