As digital transformation efforts continue, AWS is becoming an even more critical component to organizations who are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service.
Vectra AI has released the findings of the PaaS & IaaS Security Survey Report which found that 64% of DevOps respondents are deploying new workload services weekly or even more frequently; 78% of organizations are running AWS across multiple regions (40% in at least three); and 71% of respondents say that they are using more than four AWS services (such as S3, EC2, IAM, etc).
The expansion of AWS services has naturally led to increased complexity and risk with 100% of companies surveyed having experienced at least one security incident in their public cloud environment. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration.
Some blind spots the Vectra report uncovered include: 30% of organizations surveyed have no formal sign-off before pushing to production; 40% of respondents say they do not have a DevSecOps workflow; and 71% of organizations say that 10 or more people can modify the entire infrastructure in their AWS environments, creating numerous attack vectors for hackers.
Despite these blind spots, the survey showed that companies are taking security seriously. Over half of the companies reported having double-digit security operations center (SOC) headcounts, showing a significant investment in keeping their organizations secure.
The report compiled the answers of 317 IT executives all using AWS, 70% coming from organization of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations.