What are the top cloud security threats in the market today?

94% of organizations are moderately to extremely concerned about cloud security. When asked what the biggest security threats facing public clouds are, organizations ranked misconfiguration (68%) highest, followed by unauthorized access (58%), insecure interfaces (52%), and hijacking of accounts (50%).

The Problems with Passwords

As an identity and access management professional, you know that passwords are a problem. Your users hate having to create accounts with them. Your security teams worry about email phishing attacks, credential theft, and data breaches.

The average user has more than 90 accounts. Remembering passwords is hard, which is why more than 50% of users have reused passwords across multiple websites.

Creating passwords that rely on personal information makes accounts vulnerable to dictionary attacks. Using a password management system is one way to deal with the password problem, but some of these services themselves are vulnerable.

The ForgeRock Consumer Identity Breach Report 2020 found that unauthorized access was the number one attack method used by cybercriminals for 43% of breaches. Of the industries surveyed in the report, the healthcare sector suffered 34% of all breaches, followed by financial services at 12%.

In 2018, Iowa’s UnityPoint Health’s business email system fell victim to a series of email phishing attacks targeting employee credentials. While the motive was likely to steal funds from the company, the attacks also resulted in leaking protected patient health information (PHI) and/or personal financial information.

Breaches due to credential theft are not going away. Organizations can try to protect themselves and their employees and customers through security training, email security measures, and stronger authentication. But until username and password authentication is replaced with more secure methods, credential theft will continue to be a favored tactic for attackers.
 
Strong Authentication

Many applications and services now offer “strong authentication,” using either two-factor authentication (2FA) or multi-factor authentication (MFA).

2FA requires a user to first authenticate with a username and password and then a second factor reliant on a one-time passcode (OTP). These are typically delivered via an authenticator app, a response to a push notification on a mobile app, or – least securely – over the SMS text messaging protocol. With 2FA, the second authentication factor must be presented at each authentication attempt.

MFA incorporates more contextual attributes – more types of authenticators and more context – such as user device, browser, IP, location, or time of day. Some MFA solutions may require the user to authenticate more or less, depending on the session context.
 
Types of authenticators

FIDO2 relies on public/private key pairs stored securely on local hardware and FIDO2-compliant browsers that interact with services to mint secure public/private key credentials for each service. The private keys in each key pair are stored locally and never leave the user’s authenticator. The public keys are used by the authentication server to encrypt and sign communication to the users’ endpoint devices.

The storage capability of the user’s local authenticator determines whether we can enable “usernameless” as well as passwordless authentication.

Platform authenticators, based on the trusted platform module (TPM) or secure enclave installed on many laptops and phones, are usually unlocked by a biometric sensor, as in Microsoft Windows Hello or Apple TouchID.

Cross-platform, or “roaming,” hardware authenticators present a user’s access claims to another service or device. Examples of these are Google Titan security keys, YubiKeys, or Duo authenticators that use USB, near-field communication (NFC), and Bluetooth. When activated by inserting into a USB port, pressing a button, or by tapping, the authenticator sends a signed response that validates the user’s login. Smartphones can also act as authenticators.

By relying on the secure credentials stored on the user’s own trusted hardware, FIDO2 WebAuthn enables authentication without usernames and passwords, virtually eliminating the potential for data breaches related to credential theft.
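
The per-service key pairs and signed login response described above, modeled with Node's built-in crypto module as an added example (not code from the original page, ForgeRock, or any FIDO library). The `Authenticator` and `RelyingParty` classes, the origins and the user name are constructed for illustration; the server here checks the signature with the stored public key, and real WebAuthn adds attestation, signature counters and CBOR encoding that this model omits.

```javascript
const nodeCrypto = require("crypto");
// Constructed model of an authenticator: one P-256 key pair per site origin.
class Authenticator {
  constructor() { this.privateKeys = new Map(); } // private keys never leave this object
  register(origin) {
    const pair = nodeCrypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
    this.privateKeys.set(origin, pair.privateKey);
    return pair.publicKey.export({ type: "spki", format: "pem" }); // only the public half leaves
  }
  // `origin` is what the browser reports for the requesting page, not what the page claims.
  sign(origin, challenge) {
    const key = this.privateKeys.get(origin);
    if (!key) return null; // no credential scoped to this site
    const clientData = JSON.stringify({ origin, challenge });
    return { clientData, signature: nodeCrypto.sign("sha256", Buffer.from(clientData), key) };
  }
}

// Constructed model of the server: holds public keys only, issues single-use challenges.
class RelyingParty {
  constructor(origin) { this.origin = origin; this.publicKeys = new Map(); this.pending = new Map(); }
  enroll(user, publicKeyPem) { this.publicKeys.set(user, publicKeyPem); }
  newChallenge(user) {
    const challenge = nodeCrypto.randomBytes(32).toString("hex");
    this.pending.set(user, challenge);
    return challenge;
  }
  verify(user, assertion) {
    const expected = this.pending.get(user);
    this.pending.delete(user); // consumed, so a captured assertion cannot be replayed
    if (!assertion || !expected) return false;
    const { origin, challenge } = JSON.parse(assertion.clientData);
    if (origin !== this.origin || challenge !== expected) return false;
    return nodeCrypto.verify("sha256", Buffer.from(assertion.clientData),
      this.publicKeys.get(user), assertion.signature);
  }
}

function runDemo() {
  const device = new Authenticator();
  const shop = new RelyingParty("https://shop.example");
  shop.enroll("alice", device.register(shop.origin));
  // A second site gets its own key pair, so public keys cannot link the two accounts.
  const distinctKeys = device.register("https://bank.example") !== shop.publicKeys.get("alice");
  const good = device.sign(shop.origin, shop.newChallenge("alice"));
  const legit = shop.verify("alice", good);
  const replay = shop.verify("alice", good); // same assertion again, challenge already used
  const relayed = device.sign("https://shop-login.example", shop.newChallenge("alice"));
  const wrongSite = shop.verify("alice", relayed); // look-alike origin holds no credential
  return { distinctKeys, legit, replay, wrongSite };
}
```

`runDemo()` returns `true` for the genuine login and for key distinctness, and `false` for both the replayed assertion and the request arriving from a different origin.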
 
Benefits of passwordless authentication

Secure: Login credentials are unique for every website, and never leave the user’s device. Unlike username and password, credentials are never transmitted on the wire, thus eliminating person-in-the-middle attacks.

Convenient: It uses simple built-in methods, such as fingerprint readers or cameras, or leverages easy-to-use FIDO security keys. Consumers can select the device that best fits their needs.

Private: Keys are unique and can’t be used to track users across sites. Biometric data never leaves the user’s device.

“I have nothing to hide” was once the standard response to surveillance programs utilizing cameras, border checks, and casual questioning by law enforcement.

Privacy used to be considered a concept generally respected in many countries — at least, in the West — with a few changes to rules and regulations here and there often made only in the name of the common good.

Things have changed, and not for the better.

China’s Great Firewall, the UK’s Snooper’s Charter, the US’ mass surveillance and bulk data collection — compliments of the National Security Agency (NSA) and Edward Snowden’s whistleblowing — Russia’s insidious election meddling, and countless censorship and communication blackout schemes across the Middle East are all contributing to a global surveillance state in which privacy is a luxury of the few and not a right of the many.

As surveillance becomes a common factor of our daily lives, privacy is in danger of no longer being considered an intrinsic right.

Everything from our web browsing to mobile devices and the Internet of Things (IoT) products installed in our homes has the potential to erode our privacy and personal security, and you cannot depend on vendors or ever-changing surveillance rules to keep them intact.

Having “nothing to hide” doesn’t cut it anymore. We must all do whatever we can to safeguard our personal privacy. Taking the steps outlined below can not only give you some sanctuary from spreading surveillance tactics but also help keep you safe from cyberattackers.

Cyber Security, or Information Technology Security (also known as IT Security), is the process of implementing measures and systems designed to securely protect and safeguard information (business and personal data, voice conversations, still images, motion pictures, multimedia presentations, including those not yet conceived), utilizing various forms of technology developed to create, store, use and exchange such information, against any unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby preserving its value, confidentiality, integrity, availability, intended use and ability to perform its permitted critical function.

Cybercriminals exposed 2.8 billion consumer data records in 2018, costing U.S. organizations more than $654 billion.

We now know that cyberattacks on U.S. financial services organizations cost the industry more than $6.2 billion in Q1 2019 alone, up from just $8 million in Q1 2018. Even though investments in information security products and services have been on the rise, with $114 billion invested in 2018, cybercriminals continue to attack organizations across a wide spectrum of industries to gain access to valuable consumer data.

According to the research, personally identifiable information (PII) was the most targeted data for breaches in 2018, comprising 97 percent of all breaches. By targeting PII, cybercriminals prove that they’re hungry for consumer data. The research also found that the most frequent attack method was unauthorized access, encompassing 34 percent of all attacks. Healthcare, financial services and government were the sectors most heavily impacted by cyberattacks.

Organizations can protect consumer data by implementing a strong customer identity management program. Every industry has incentives to avoid brand damage and costly breaches, and so organizations must use modern techniques of identity and access management to secure their infrastructure, from servers in the data center to client applications and smart devices at the edge.

The new report also found:

  • Almost half (48 percent) of all consumer data breaches happened in the healthcare sector, four times as many as in any other sector.
  • Financial services and government were the second and third most victimized industries, collectively comprising 20 percent of all breaches.
  • Although the number of breach incidents in financial services was down 20 percent in Q1 2019, compared to Q1 2018, more than 26.9 million consumer records were compromised in the Q1 2019 breaches alone, which is a 78,900 percent increase over Q1 2018.
  • Date of birth and/or Social Security Numbers were the most frequently compromised type of PII in 2018, with 54 percent of breaches exposing this data.
  • Name and physical address (49 percent) and personal health information (46 percent) were the second and third most commonly compromised types of PII in 2018.