Organisations take six days on average to resolve security alert: Report

On average companies take approximately six days to resolve a security alert, said the latest report by cybersecurity firm Palo Alto Networks in its latest Unit 42 Cloud Threat Report. As per the report, the rate of cloud migration — from  $370 billion in 2021 to a predicted $830 billion in 2025 — has led to threat actors exploiting common issues in the cloud, including — unpatched vulnerabilities, misconfigurations, malicious open-source software packages, and lack of authentication.

For the report, the company surveyed 1,300 organisations globally and analysed workloads in 210,000 cloud accounts and projects across all major cloud service providers (CSPs).

“Our Cloud Threat Report demonstrates that if done without a cybersecurity-first approach, a slew of vulnerabilities are quick to follow. Further compounding the matter is that 60% of organisations take longer than four days to resolve cybersecurity issues, while threat actors typically need only a few hours to wreak havoc. Without a proactive approach to cybersecurity, organisations can pay for any security tools — but comprehensive cybersecurity will not be attained”, said Anil Valluri, managing director and regional vice president — India & SAARC, Palo Alto Networks. As per the report, 80% of the alerts are triggered by just 5% of security rules in most organisations' cloud environments. 

The report noted that user errors like insecure configuration are the primary concern, but issues arising from default configurations provided by CSPs, though convenient, do not provide good security. Adding to this, 76% of the organisations do not enforce multifactor authentication for console users; further, sensitive data was found in 63% of the publicly exposed storage buckets. 

Further, open-source software (OSS) has driven the cloud revolution but its increased adoption has also hiked security complexity. There has been an increase in the likelihood of depreciated or abandoned software, malicious content and slower patching cycles. The onus is generally on the end user to check the OSS before integrating into their applications. The Unit 42 report shows that 51% of codebases depend on more than 100 open-source packages but developers directly import only 23% of the packages.