What Google Threat Horizons Suggests To Businesses Using The Cloud

The Google Threat Horizons report is a document that should be consulted by those involved in cyber security. It gives valuable indications to make access to cloud resources more secure by indicating which areas are the most critical. Here’s what can be seen from the 2023 data

The Google Threat Horizons 2024 edition summarizes the most recurring threats and security issues affecting the cloud.

The data relating to 2023 tell of threats that have increased in number and sophistication. This provides an overview of the cloud security provided by those like Google, who occupy a significant role in the market. Knowing the evolution of the most recurring threats and knowing how to overcome the problems they cause are crucial aspects for every SoC and every cyber security worker.

Here, we highlight the most exciting data cited in the report and, with the contribution of the IT official, ICT expert, and Clusit shareholder Salvatore Lombardo, we try to understand why companies within which a specific digital culture exists still lack cyber security to the point of making life easy for cybercrime.

The Google Threat Horizons 2024 Report

In the report, Big G highlights the main threats that the cloud is exposed to, abuse of credentials, crypto mining, and ransomware above all. It is worth remembering that, during 2023, the degree of sophistication of threats has increased not only in the cloud hemisphere but also in mobile, IoT, and the world of on-premise installations. This means that the Cloud is subject to the attention of hackers like other types of architectures, and the idea that cloud service providers are solely responsible for security is false and illusory.

Going into the depths of the report, the weak points of cloud security (specifically Google Cloud) are access credentials and configuration errors. In short, the security of the cloud also depends on that of the IT infrastructure of the companies that use it. If Big G speaks for itself, there is nothing to suggest that the cloud infrastructures of other providers do not suffer from the same problems.

Threat actors try to monetize in a variety of ways, including selling credentials or using crypto mining. Weak passwords are a boon to cyber criminals and account for 51.1% of login credential compromises. Configuration problems, among which the granting of excessive privileges to users and the lack of attention paid to system settings or those of cloud applications stand out, are a vehicle that affects more than one case in six (17.3%). In percentage terms, leaks represent the most minor problem (2.9%). Of further concern are the vulnerabilities of third-party software that contribute to weakening the fortress of the cloud.

The Cloud And Digital Culture

Companies that use cloud resources suggest – wrongly – that there is a solid digital culture within them. Google’s report says the exact opposite. It is often the case that companies prioritize innovation and growth by adopting the cloud to improve efficiency and flexibility without giving the same emphasis to data security and, therefore, not implementing adequate protection measures simply because they are not fully aware of the associated security risks or the severity of the potential consequences of a cyber attack.

There may be a lack of dedicated professionals or financial resources to invest in cyber security, or there may be no clear policies and procedures in place to protect data in the cloud, such as authorized access, encryption of sensitive data, and vulnerability management. Cloud adoption does not automatically guarantee good cybersecurity.

Companies must recognize the importance of integrating the topic of cyber security into their business practices and accordingly invest in resources, training, and technologies to protect their data. The transition to the cloud and the adoption of a digital culture are essential steps for companies, but they need more on their own. It is necessary to work closely with cloud providers to ensure alignment of security policies and precise definition of responsibilities.”

How To Mitigate Risks

There are many mitigation measures, and they can primarily be implemented at low costs.

Remaining adhering to the security measures that Google makes available to its users, it is helpful to mention two-factor authentication, the imperative request for robust and effective passwords, and, last but not least, the passwordless access mode.

By broadening the focus and evaluating the cloud in all its derivations, in addition to the measures applied by Google, every company – regardless of the cloud provider – can protect itself by using different technologies. To strengthen company perimeters, these include Identity and Access Management ( IAM ) policies, the implementation of protocols that promote secure communication between devices ( SSH ) and the correct configuration of policies and access rights to company resources.

A crucial role, especially when data transits from corporate infrastructure to the cloud, is encryption. All this takes into account the need to encourage the taking root – always and in any case – of the security culture among employees of all levels. It is not enough to secure the cloud if the company perimeter is easy prey for cybercriminals.

Also Read: Companies Achieve Higher Data Security Through Cloud Services