We live in an era where cyberattacks are constantly on the rise . Clusit — the Italian Association for Information Security — recorded 1,141 serious incidents in the first half of 2022 alone, marking an 8.4% increase compared to the previous year. Threats now extend to critical infrastructures, leading 67% of companies to perceive an increase in attacks and 14% to suffer tangible consequences such as service disruptions or reputational damage.
These figures emerge from the analysis conducted by the Cybersecurity & Data Protection Observatory at the School of Management of Politecnico di Milano, presented at the conference “Cybersecurity: towards a common front.” Gaining a thorough understanding of Cloud risk and security factors is therefore becoming increasingly essential for businesses. Not coincidentally, cybersecurity awareness is growing, becoming the top digital investment priority in Italy in 2023, for both large enterprises and SMEs.
What is Cloud Security?
Cloud Security represents a fundamental pillar in the Cloud Computing landscape. A new way of thinking about cybersecurity , extending the role of security across the entire lifecycle of Cloud Native applications.
Cloud Security follows the same standards as traditional security models — what changes is the approach to security. This is because traditional security models are built on outdated assumptions. Cloud Native applications, with their frequent changes, extensive use of open source tools and libraries, and execution on hyperscaler-controlled infrastructures, render traditional code review and quality assurance practices inadequate.
To address these challenges, Cloud Security revolutionizes the approach to security . It introduces a new way of operating that involves security at every stage of the software release cycle. Manual audits are replaced by automated scans, and rapid code release pipelines are integrated with tools that analyze code for vulnerabilities before compilation. Open source libraries are carefully monitored for potential vulnerabilities, and rather than hindering change, the Cloud Native security model embraces frequent updates of vulnerable components or regular replacement of infrastructure. This approach, closely tied to the practice of DevSecOps , serves as an innovative response to security needs in modern Cloud environments.
Read also: DevSecOps: 6 principles for introducing it in your company Container Security: what it is and how to achieve it
Why is Cloud Security important?
The growing adoption of Cloud Computing by businesses imposes an urgent need to pay the utmost attention to Cloud Security . Companies, increasingly relying on Cloud infrastructures for data and resource management, find themselves exposed to significant risks that require a proactive approach to cybersecurity.
As highlighted in the introduction, cyberattacks are constantly increasing. This means that the vulnerability of companies entrusting sensitive data and operational processes to Cloud services is growing. The solution cannot and should not be to boycott the Cloud. Instead, the solution lies in Cloud Security — not just as a best practice, but as a genuine corporate mindset .
In other words: with the continuous increase in attacks, data protection in the Cloud is no longer a choice, but a critical necessity. And confirmation comes from the cybersecurity market . According to research by the Cyber Security & Data Protection Observatory of Politecnico di Milano, in Italy 61% of organizations with more than 250 employees have increased their cybersecurity budget over the past year.
Tackling the security challenge in the Cloud requires a comprehensive and strategic approach , involving all phases of the lifecycle of Cloud applications and resources, from development through to production. In this context, Cloud Security becomes a fundamental element for ensuring operational continuity and preserving the reputation of companies that rely on Cloud Computing.
What are the benefits of Cloud Security?
In the Cloud Computing landscape, a Cloud Security strategy proves particularly advantageous when compared to the traditional approach . The latter, focused on firewalls and network perimeter protection, becomes insufficient in the face of the dynamic nature of Cloud Computing, which dynamically leverages shared resources and automates the provisioning of storage, networking, and on-demand computing.
On the other hand, while dynamism offers advantages, it also expands the attack surface , making a new security perspective necessary. Below are the main benefits of a Cloud Security strategy.
- Protection against attacks: Cloud Security stands as a bulwark against cyberattacks and DDoS attacks, defending businesses from increasingly sophisticated threats.
- Data security: A central element of Cloud Security is the protection of sensitive data through advanced practices such as encryption, preventing critical information from falling into the wrong hands.
- Greater resource availability: Many Cloud Security services offer real-time monitoring and support, increasing resource availability and promptly resolving security issues.
- Greater reliability: A sound Cloud Security approach implies built-in redundancy, ensuring a more reliable experience for users and preventing unwanted disruptions.
- Regulatory compliance: Cloud Security helps ensure regulatory compliance, which is particularly important in a complex Cloud architecture. Cloud providers offer security and support to ensure that organizations meet compliance requirements.
What are the principles of Cloud Security?
When addressing and mitigating security risks in Cloud environments, it becomes essential to adopt specific security activities and follow principles that guide strategic decisions in this area. Let us examine the main areas of Cloud security intervention.
Data protection
Data protection plays a fundamental role. Various technologies are used to create technical barriers between access and the visibility of sensitive data. Encryption , in particular, involves converting data into an encoded format, making it readable only through decryption.
Identity and Access Management
Controlling access is fundamental to ensuring Cloud security. Tools for managing passwords , as well as multi-factor authentication and Identity & Access Management (the management of identities and access), play a key role. These tools limit the compromise of data and systems by controlling access to resources to prevent intrusion by unauthorized or malicious users.
DevSecOps
We have already mentioned DevSecOps , the security approach that integrates tools and controls from the development phase onward to ensure application security. It is indeed one of the core principles of Cloud Security. In Hybrid & Multi Cloud environments , the DevSecOps pipeline requires the integration of threat protection tools at various levels, often supported by Artificial Intelligence algorithms and techniques.
Read also: Cloud DevSecOps: what it is, benefits and tools
Business Continuity and Disaster Recovery
A company must also equip itself with measures and tools that can ensure operational continuity in the event of security incidents. Cloud Security solutions include backup tools that enable the restoration of normal operations after unforeseen events, avoiding business interruptions and data loss.
Governance and training
Beyond technological aspects, it is essential to devote equal attention to organizational and governance aspects . This includes the adoption of security rules and policies, raising staff awareness of cyber threats, and clearly defining relationships with the Cloud provider through the evolution of contractual tools, to ensure the clear definition of practices, responsibilities, and service availability levels. Cloud security, therefore, requires a synergy between technology, organization, and corporate governance .
What are the threats related to Cloud security?
The threats related to Cloud security are diverse and require an in-depth understanding to ensure adequate resource protection. SparkFabrik, as an active member of the OpenSSF (Open Source Security Foundation), is actively committed to pursuing the same goals as the organization — namely, making open source software (OSS) simpler to use while ensuring its sustainable development and proper maintenance.
To protect against Cloud security threats, it is indeed essential to also manage open source project dependencies , particularly in Software Supply Chain (SSC) management. Below is a list of the main security threats in the Cloud context.
Software Supply Chain Attacks
As mentioned, SSCs can become the target of malicious attacks. An increasingly complex supply chain exposes a higher number of attack points. In a recent OpenSSF article , our CTO Paolo Mainardi highlights a key point: the annual report conducted by Sonatype, which examines the state of the software supply chain, reveals an average increase in attacks on this chain of 742% per year since 2019.
READ ALSO: Secure Software Supply Chain for OCI Artifacts on Kubernetes
Lack of visibility
The loss of traceability in data access is also a significant threat, especially considering the vast number of Cloud services accessible by third parties. Lack of visibility can compromise the ability to detect and respond to unauthorized activities.
Multitenancy
Public Cloud environments host multiple client infrastructures under the same protection, making it possible for one company’s services to be compromised as a side effect of attacks targeting other companies. Resource sharing can expose organizations to unexpected risks.
Access management and Shadow IT
Managing access points in Cloud environments can be complex, especially when BYOD (Bring Your Own Device) policies are not implemented. Unfiltered access to Cloud services from various devices and geographic locations can create opportunities for malicious activities.
Regulatory compliance
Managing regulatory compliance in public or hybrid Cloud environments can create confusion. The responsibility for data security and privacy remains with the company, and consequently, excessive reliance on third-party solutions can cause costly compliance issues.
Misconfigurations
Misconfigurations represent a significant threat, with 86% of breached records in 2019 caused by misconfigured assets. Unintentional access by internal staff can result from default administrative passwords or inadequate privacy settings.
Best practices for Cloud Security
To ensure robust Cloud Security and therefore a secure and resilient Cloud environment, companies should adopt the following best practices.
1. Clarify responsibilities
Knowing exactly which aspects of Cloud Security companies are responsible for is fundamental. Never assume that the Cloud provider handles everything automatically. Clarity on shared responsibilities helps avoid security gaps and ensures effective risk management.
2. Cloud architecture visibility
Ensuring complete visibility of the organization’s Cloud architecture is fundamental. Lack of visibility can lead to ineffective threat management and a slow response to security incidents. Actively monitoring the Cloud environment enables a prompt response to anomalous behavior.
3. Full awareness of Cloud architecture
A solid understanding of Cloud architecture is essential to avoid configuration errors that could compromise security. It is necessary to increase knowledge of Cloud architectures through training, so that teams fully understand the Cloud environment and are able to correctly implement security policies.
4. Eliminate unnecessary elements
Deactivate unused ports and remove unnecessary resources. To reduce vulnerabilities, it is advisable to remove unnecessary instances and processes. Superfluous elements can constitute potential entry points for attackers. Implementing efficient resource management helps maintain a clean and secure environment.
5. Software Supply Chain Security (SSCS)
As we have seen, integrating software supply chain security is crucial. Ensuring that software components are secure and trustworthy is fundamental to preventing supply chain attacks.
Shared responsibility between the Cloud provider and the company requires careful management of best practices, also integrating third-party security solutions when necessary. Awareness , continuous training , and active monitoring are key elements for maintaining a secure and resilient Cloud environment.
Open source and Cloud Security
The use of open source software (OSS) is widespread in the Cloud ecosystem, but this practice is not without significant security risks. Addressing these risks requires an in-depth understanding and the implementation of preventive measures, with particular attention to the integrity of OSS software. Below are some risks associated with the OSS landscape.
- Third-party dependency: The use of open source libraries and frameworks implies a dependency on third parties. Vulnerabilities present in these components can be exploited by attackers to compromise the entire system.
- Maintenance and updates: Managing patches and updates in a complex Cloud environment can be challenging. Delays in fixing known vulnerabilities can expose applications and data to significant risks.
- Lack of visibility: Once again, lack of visibility can compromise security. In a distributed Cloud environment, it can be difficult to gain complete visibility over the open source libraries in use. This lack of visibility increases the risk of using components with known vulnerabilities.
- Lack of software integrity: Another extremely relevant point is maintaining software integrity. Sigstore is an example of a tool that plays a key role in preserving the integrity of open source software. It provides a platform for digital signing and verification of all software, facilitating the creation of a secure and transparent software supply chain. Using Sigstore helps mitigate the risks associated with OSS software compromise, ensuring that only verified and intact code is used in Cloud projects.
Cloud Security and legislation: the Cyber Resilience Act
The European Union has placed strong emphasis on cybersecurity through the Cyber Resilience Act. This legislation aims to strengthen digital defenses , promoting common standards and collaboration among member states.
In this context, SparkFabrik is concretely involved. We are active members of the Linux Foundation Europe and promoters of the #FixTheCRA initiative, of which Paolo Mainardi is an Advisory Board Member. This commitment reflects the desire to ensure that regulations take into account the specificities of the open source environment, thereby contributing to shaping a secure and balanced future for cybersecurity in Europe.
The evolution of Cloud security in Italy
Exploring the vast world of Cloud security, we have outlined the growing importance of CyberSecurity, highlighting the challenges and risks that companies face in the digital era and in the context of Cloud Computing. We have emphasized the need for an integrated security approach , constant awareness, and collaboration between institutions, companies, and the open source community to address the ever-growing challenges of a continuously evolving digitalized world.
The rapid growth in cyberattacks underscores the urgency of advanced protection strategies . There are encouraging signs showing growing corporate awareness around Cloud security. The increase in cybersecurity investments, including in the Italian market, indicates a growing focus on the need to defend against increasingly sophisticated threats.
The Italian cybersecurity market reached a value of 1.86 billion euros in 2022, recording a notable 18% increase compared to 2021. Despite this growth, the ratio of cybersecurity spending to GDP stands at just 0.10%, placing Italy last among G7 countries . In other words, significant progress has been made, but there is still a very long road ahead.
