Cloud
Check Point Software Announces 2024 Cloud Security Report
Check Point Software Technologies Ltd. has today unveiled its 2024 Cloud Security Report. The report exposes a critical surge in cloud security incidents, marking a significant increase from 24% in 2023 to 61% in 2024 (a 154% increase), highlighting the escalating complexity and frequency of cloud threats. The latest survey from Check Point reveals a concerning trend: while most organizations continue to prioritize threat detection and monitoring, focusing on known vulnerabilities and patterns of malicious behaviour, only a mere 21% emphasize prevention. This is particularly alarming as companies struggle to keep pace with rapid technological advancements, including the speed of DevOps and the deployment of new codes and applications in the cloud.
The survey underscores a daunting reality— although cloud attacks are on the rise, only 4% of organizations disclosed that they can mitigate risks easily and quickly. An overwhelming 96% have expressed concern about their ability to handle such risks. In addition, 91% of respondents are alarmed by the surge in more sophisticated cyber threats, including unknown risks and zero-day attacks, which cannot be detected using conventional security tools.
“The data speaks volumes about the urgent need for organizations to shift their focus towards implementing AI-powered threat prevention measures,” states Itai Greenberg, Chief Strategy Officer at Check Point Software Technologies. “By adopting a consolidated security architecture and enhancing collaborative security operations, businesses can preemptively tackle emerging threats, ensuring a more secure and resilient cloud environment.”
Other insights from the 2024 Cloud Security Report:
- Escalation of Cloud Incidents: There has been a 154% increase in cloud security incidents compared to last year, with 61% of organizations reporting significant disruptions.
- Deep Concerns Over Risk Management: An overwhelming 96% of respondents reported concerns about their ability to effectively manage cloud risks, reflecting a considerable escalation from previous years.
- Rapid Adoption of AI Technologies: With 91% of organizations now prioritizing AI to enhance their security posture, the focus has shifted towards leveraging AI for proactive threat prevention.
- CNAPP for Enhanced Prevention: Despite the growing threat landscape, only 25% of organizations have fully implemented Cloud Native Application Protection Platforms (CNAPP). This underscores the urgent need for comprehensive solutions that go beyond traditional tooling.
- Complexity in Cloud Security Integration: Despite the potential for streamlined solutions, 54% of respondents face challenges in maintaining consistent regulatory standards across multi-cloud environments. Additionally, 49% struggle with integrating cloud services into legacy systems, often complicated by limited IT resources.
The report advises organizations to embrace a more comprehensive, collaborative, and AI-driven cybersecurity framework.
Cloud
Critical Vulnerability Found in Google Cloud Functions
Tenable has disclosed that its Tenable Cloud Research Team has discovered a vulnerability in Google Cloud Platform (GCP), involving its Cloud Function serverless compute service and its Cloud Build CI/CD pipeline service. GCP has remediated ConfusedFunction for future Cloud Build accounts, however existing Cloud Build instances remain at risk with immediate evasive action required.
Cloud Functions in GCP are event-triggered, serverless functions. They automatically scale and execute code responding to specific events like HTTP requests or data changes. A multi-step backend process is triggered when a GCP user creates or updates a Cloud Function. This process, among other things, attaches a default Cloud Build service account to the Cloud Build instance that is created as part of the function’s deployment. This default Cloud Build service account gives the user excessive permissions. This process happens in the background and isn’t something ordinary users would be aware of.
An attacker who gains access to create or update a Cloud Function can take advantage of the function’s deployment process to escalate privileges to the default Cloud Build service account and other GCP services including Cloud Storage, and Artifact Registry or Container Registry. By exploiting the deployment flow and the flawed trust between services an attacker could run code as the default Cloud Build service account.
“The ConfusedFunction vulnerability highlights the problematic scenarios that may arise due to software complexity and inter-service communication in a cloud provider’s services,” explains Liv Matan, senior research engineer, Tenable. “To support backward compatibility, GCP has not changed the privileges from Cloud Build service accounts created before the fix was implemented. This means that the vulnerability is still affecting existing instances and we highly recommend customers take immediate action.”
GCP confirmed it had remediated ConfusedFunction, to some extent, for Cloud Build accounts created after February 14, 2024. While the fix has reduced the severity of the problem for future deployments, it hasn’t eliminated it. For every cloud function using the legacy Cloud Build service account, the advice is to replace it with a least-privilege service account.
Cloud
Veeam Bolsters Data Resilience for 21M Microsoft 365 Users
Veeam Software has announced the next generation of Veeam Data Cloud for Microsoft 365 with the new capabilities offered by Microsoft 365 Backup Storage. Veeam Data Cloud, built on Microsoft Azure, provides backup-as-a-service (BaaS) for Microsoft 365, enabling data resilience and leveraging powerful data protection and security technology within a simple, seamless user experience.
As a launch partner for Microsoft 365 Backup Storage, Veeam is leveraging the latest Microsoft technology with Veeam Data Cloud for Microsoft 365 to deliver lightning-fast backup and recovery capabilities for large Microsoft 365 environments, ensuring organizations protect critical data against cyber-attacks and data loss scenarios, further enabling complete data resiliency. This solution further strengthens Veeam’s position in protecting Microsoft 365 users, with over 21 million users already under Veeam’s protection.
“One of the benefits of our multi-year strategic partnership with Microsoft is rapidly bringing new advances to our joint customers and partners. This new release combines the benefits of Veeam’s industry-leading technology – in both data protection and ransomware recovery – with the latest Microsoft 365 data resilience capabilities introduced by Microsoft, and extends them to even more customers using Microsoft 365. In addition, we’re making great progress in our joint innovation bringing the power and insights of Microsoft Copilot to the Veeam product family,” said John Jester, Chief Revenue Officer (CRO) at Veeam.
Microsoft’s new backup technology is seamlessly embedded inside Veeam’s backup service for Microsoft 365, combining the new high-speed backup and recovery capabilities with Veeam’s established and unmatched restore and eDiscovery options tailored to meet any potential data loss and compliance scenario. This powerful fusion, where speed and scale meet control and flexibility, empowers organizations with the best of both worlds. “The collaboration with Veeam is an advancement in assisting our shared clients with quick recovery after cyber incidents. We look forward to deepening our collaboration to improve data protection for users,” said Zach Rosenfield, Director of PM for Collaborative Apps and Platforms at Microsoft.
Veeam Data Cloud for Microsoft 365 with Microsoft 365 Backup Storage delivers:
- Speed and Scale: This latest offering from Veeam and Microsoft is designed to manage large volumes of data seamlessly, with the ability to protect and restore 100+ TBs of data or 10,000+ objects. With this advanced solution, what used to take weeks or months is now accomplished within hours.
- Disaster Recovery: This new solution offers bulk restores at scale, ensuring increased resilience to ransomware or malware attacks and minimizing downtime. Veeam Data Cloud for Microsoft 365 with Microsoft 365 Backup Storage empowers organizations to bounce back quickly from any data loss scenario. Organizations no longer have to choose between paying a ransom or enduring weeks or months of data restoration.
- Future Readiness: As part of a new 5-year strategic partnership, Veeam is developing future solutions with Microsoft integrating Microsoft Copilot and Azure AI services to enhance data protection for Microsoft 365 and Azure. These solutions will simplify operations, automate administrative tasks, and allow organizations to allocate resources to business-critical initiatives, ensuring they stay ahead in a rapidly changing digital landscape.
“As adoption of Microsoft 365 increases, the volume and criticality of their associated data sets is also growing,” said Krista Macomber, Research Director at The Futurum Group. “Without the proper data protection solution, this can lead to highly time-consuming, cumbersome backup processes – ultimately resulting in delayed, missed, or incomplete backups. Equally an issue, it can also lead to slow and incomplete recovery processes. This cannot be afforded, especially given the need for resiliency against the onslaught of cyber-attacks. Veeam is directly addressing these challenges with the most recent update to its Microsoft 365 backup capabilities.”
5G
GSMA NESAS & MCKB: Leading the Way in Mobile Network Security International Standards for Regulators and Operators in the Region
As our interconnected digital world becomes essential, new technologies like 5G, cloud computing, big data, and AI create exciting possibilities. However, vulnerabilities increase alongside these advancements. Over 100 countries now have data protection laws, highlighting the growing focus on cybersecurity.
As the deployment of 5G technology and its next generation, 5G-Advanced (5G-A), which was already announced this year by global vendors like Huawei, mobile networks are increasingly becoming the backbone of our digital life, and robust cybersecurity standards and good practices are paramount for telecom authorities and operators.
Pioneering 5G deployment, Saudi Arabia and the GCC are now upgrading to 5G-Advanced for even greater value.
The telecom industry, constantly adapting, integrates cloud and AI with these networks, driving new digital business models. Telecom’s role in national security necessitates robust cybersecurity. Regulators, operators, and industry stakeholders in the region must collaborate to identify best practices and implement measures to safeguard networks, systems, and data from cyber threats. This cross-sector effort requires close cooperation with service providers, equipment manufacturers, and government agencies to mitigate risks, develop best practices, and raise cybersecurity awareness.
At the recently concluded MWC Shanghai 2024 organized by GSMA, the ‘Middle East and Central Asia ICT Policy and Governance Forum’ round table, themed “Driving Policy and Innovation to Shape Our Digital Future”, mobile network security took centre stage. The forum brought together a wide range of stakeholders, including senior officials from GSMA, regulatory authorities, operators, Huawei, and the China Academy of Information and Communications Technology, to discuss industry policies, successful practices, and valuable insights on network security and key industry trends.
The round table discussed the importance of spectrum, optical, and datacom policy planning and explored how carriers, enterprises, oversight agencies, and regulators can enhance mobile security capabilities and guide risk management strategies. The discussions also sought to promote the adoption of GSMA’s Network Equipment Security Assurance Scheme (NESAS) and Mobile Cybersecurity Knowledge Base (MCKB). Attendees also reviewed industry policies and best practices, with examples from China’s successful use cases.
Mr. Jawad Abassi, Head of MENA at GSMA, who moderated the roundtable discussion, said, “The GSMA regularly explores a range of security considerations including secure by design, 5G deployment models and security activities. Good security practices and policies by industry suppliers are essential. The mobile ecosystem should empower advancing positive policy and spectrum outcomes, driving digital innovation to reduce inequalities in our world and tackling today’s biggest societal challenges.”
GSMA NESAS is a rigorous security framework covering some of the most vital aspects of national critical infrastructure. Providing a universal industry standard, it highlights the ability of network equipment vendors to meet and maintain security levels—from product development to lifecycle management processes. Specifically, it covers equipment that supports functions defined by 3GPP and is deployed by mobile network operators on their networks.
NESAS is a trusted and proven standard for tracking records across the world. Vendors’ equipment is tested and audited against a security baseline defined by industry experts through GSMA and 3GPP. It reflects the security needs of the entire ecosystem – including regulators, mobile network operators, hyperscalers, and equipment vendors. The standard continually evolves to meet the needs of the whole industry, based on 3GPP + GSMA standards – avoiding security requirements fragmenting regionally. The GSMA works with internationally recognized partners to audit and test equipment, with selection criteria agreed upon by the GSMA NESAS Oversight Board.
Audits and evaluations allow experts to give in-depth feedback and analysis – helping vendors improve their processes and products while enhancing security across the wider industry. The list of accredited vendors provides near real-time visibility of security status, allowing procurement teams to make informed decisions and comparisons. Huawei’s 5G wireless and core network equipment (5G RAN gNodeB, 5G Core UDG, UDM, UNC, UPCF) and LTE eNodeB were the first to pass the GSMA’s Network Equipment Security Assurance Scheme (NESAS). With one transparent and independent global scheme reflecting the security needs of the entire ecosystem, regulators in the region can take advantage of clear guidance and support for national security mitigations.
GSMA has created the Mobile Cyber Security Knowledge Base (MCKB), which offers the combined knowledge of the 5G ecosystem to increase trust in 5G networks and make the interconnected world as secure as possible. The Knowledge Base is regularly enhanced and extended to respond to the evolving cybersecurity threat landscape.
The 5G Cybersecurity Knowledge Base is an industry effort that composes a comprehensive threat landscape designed to help key stakeholders such as MNOs, equipment vendors, regulators, application developers, and service providers understand the security threats posed by 5G networks in a systematic and objective fashion.
It provides essential insights for the stakeholders’ risk management strategy as well as guidance covering best practices and risk mitigation measures. The Knowledge Base will help enhance 5G security competencies and capabilities and strengthen the work of carriers, enterprises, oversight agencies, and regulators. At an operational level, the Knowledge Base offers clear instructions for taking step-by-step actions to build security assurance while considering the entire risk spectrum of 5G end-to-end networks.
Jeff Wang, President of the Public Affairs and Communications Department at Huawei, said, “To fully reap digital dividends, we need to pay more attention to enhancing connectivity, embracing digital application, and empowering digital talent.” The forum discussions provided recommendations for various countries in the region based on their specific needs and achievements in these areas and the need to specifically improve their optical fibre networks to ensure homes and offices have the speed and stability for these advancements.
The forum spotlighted the robust national network development strategies aligned with visions and key industries crucial for the growing demand for advanced services that necessitate network upgrades, vital for ambitious projects, as is the case of Saudi Arabia’s 10Gbs Society. Supportive policies from governments will incentivize carriers and enterprises to invest in infrastructure optimization.
Lin Yanqing, Principal Consultant, Industry Policy Public & Government Affairs, Huawei Technologies and Aloysious Cheang, Chief Security Officer, Huawei Middle East and Central Asia, joined the round table discussions and reiterated that Huawei has taken a proactive approach to telecom cybersecurity standardization. Cheang said, “Cybersecurity is a team sport, and together with GSMA, we can leverage their good work, such as NESAS and MCKB, that will lay the foundation to secure broadband, 5G, 5G-A, and beyond.”
The company works with the GSMA, the ITU, the 3GPP, and others, as well as through partnerships with security organizations and companies, to ensure the security of its customers and promote the healthy development of the mobile ecosystem, the executives explained. Huawei has passed NESAS/SCAS 2.0 evaluations for its 5G base station and NESAS audits for its RAN and core network, demonstrating the company’s commitment to cybersecurity. Saudi Arabia’s Vision 2030 fuels a digital revolution, prioritizing network investment. As the digital backbone, robust networks are essential for faster internet, advanced services, and a secure, sustainable digital economy.
-
Cyber Security1 week ago
New Pig Butchering Scam Targets Victims, Warns Chainalysis
-
Cyber Security6 days ago
Positive Technologies: 16% of Darkweb Listings Involve Middle Eastern Organisations
-
Cyber Security5 days ago
MENA Region Sees Surge in Managed Security Services Adoption, Says SearchInform
-
Cyber Security6 days ago
Gartner Forecasts Global Information Security Spending to Grow 15% in 2025
-
Expert Speak1 week ago
Telegram’s Privacy Paradox: The Challenges of Balancing Security and Responsibility
-
Cyber Security6 days ago
Skills Gap Exposes Organisations to Risks
-
Cyber Security4 days ago
SANS Institute to Boost Cyber Resilience in Bahrain and Qatar
-
Channel Talk3 days ago
Check Point Software Launches New MSSP Portal for Partners