The Cost of Simple Misconfigurations in the Cloud

It’s no secret that doing business is costly. From bills and employee salaries, to marketing, supplies, support services, and more—every dollar needs to be allocated appropriately. Because of this, organizations typically do all they can, or know how to do, to keep unexpected expenses from arising.

Unfortunately, for organizations that have experienced a data breach, one of the biggest unexpected expenses is remediation following a cyber incident that leaves employee and customer records vulnerable.

What Is Cloud Misconfiguration?

In 2018, Fugue found that infrastructure misconfigurations—overlooked network settings, firewall rules, storage access policies, etc.—are the leading cause of data breaches in the cloud, not software vulnerabilities or targeted attacks. In our recent Naked Data white paper, the Armor team examined 11 incidents of cloud data exposure over the past few years caused by simple misconfigurations. Frighteningly, those few incidents resulted in more than 386 million records being exposed, either directly or indirectly.

This is a wake-up call to security professionals, IT teams and decision makers. Ensuring data protection in the cloud requires a much different approach to cybersecurity than that of traditional on-premises infrastructures. As more organizations migrate data to the cloud, it’s important to understand the different types of risks associated with these constantly emerging environments.

Cybersecurity measures are generally targeted at one of two concerns: accidental risk to the cloud environment or intentional risk. Both risk profiles are pretty straightforward, but to be clear:

The accidental risk consists of inadvertent and overlooked security and compliance settings, controls, and configurations that can potentially expose your applications and/or data to the public or to threat actors. Accidental risks occur when the human element is introduced to how we use the cloud. Humans inevitably make mistakes, and in the high-paced development environments that the cloud enables, the impact of these mistakes is magnified.

For example, a misconfiguration or incorrect setting can leave your cloud footprint noncompliant with a major regulation that your organization is subject to (e.g., HIPAA, PCI, GDPR), or settings can allow user access to your web applications. Accidental risk is almost always preventable through the use of cloud security posture management (CSPM) tools, such as Armor’s Automated Security and Compliance offering.

The intentional risk is a hacker targeting vulnerabilities in your cloud environment. A recent analysis by our team showed there were 681 million cyberattacks against our more than 1,200 clients in 2018. The most common threats are brute-force attacks, attacks going after stolen credentials, web application attacks, and attacks targeting internet of things (IoT) devices.

The Cost of a Cloud Misconfiguration

Because money is always a driving factor in business, it’s important to understand the costs associated with these risks.

According to Ponemon’s 2018 Cost of a Data Breach Study, at $148 per breached record, the 11 incidents of cloud misconfiguration we analyzed cost organizations upward of a combined $57 billion. That’s right—billion.

This is not an arbitrary number, or the average cost of a stolen record for sale on the black market. There’s more that goes into a data breach than how much a stolen credential is worth. Costs associated with a data breach or record exposure consist of remediation fees, regulatory fines, loss of business, and reputation damage as well. Therefore, $148 per record is made up of 4 main factors:

Detection and escalation: This is the cost associated with detecting and reporting a breach to the appropriate personnel in a timely manner. This includes forensic and investigative activities, audit services, crisis management, and communications teams.

Notification costs: This is the cost of properly notifying data subjects whose information has been compromised. Not only does this step factor in the hard costs of paper, equipment, etc., but it also includes the cost of labor to hire enough people to disseminate the notification effectively. This step also covers communicating with regulators and outside experts. Ponemon’s study found that notification costs in the U.S. were higher than in any other country at an average $740,000.

Post data breach response: This is the process of helping individuals affected by the breach to communicate with the company. Included in this are help desk activities, credit report monitoring and identity protection services, issuing new accounts or credentials, legal expenses, product discounts, and regulatory fines. These cost U.S. companies $1.76 million.

Loss of business cost: In 2018, more organizations worldwide lost customers in the wake of a data breach. However, this accounts for more than losing customers. Organizations also have to factor in system downtime, business disruption, and reputation damage.

Accidental or intentional, most organizations can ill afford to have their data exposed or left vulnerable. Thankfully, there are tools available to help mitigate the risk of a cloud data exposure or breach, keeping you from forking over millions of dollars to remediate.

Cloud Security Posture Management to the Rescue

Misconfigurations may be the leading cause of data breaches and exposures, but they’re easily resolved with cloud security posture management (CSPM) tools. According to Gartner, through 2024, implementing a CSPM offering and extending this into development will reduce cloud-related security incidents due to misconfiguration by 80%.

So what exactly do CSPM tools do? Aside from identifying your cloud environment footprint, monitoring for new instances, ensuring consistent enforcement across multiple cloud providers, and much more, these tools scan your environment for misconfigurations and improper settings that could leave you vulnerable. They also monitor your storage buckets for misconfigurations that could make data accessible to the public.

In a nutshell: They help organizations address and mitigate the accidental cybersecurity risks facing cloud data.
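
One check of the kind described above, as an added example (not Armor's code or any CSPM product's): it evaluates AWS S3-style bucket policies, ACL grants and Public Access Block settings offline and reports which buckets are effectively readable by anyone. The choice of AWS formats is an assumption, since the article names no provider; the record schema, bucket names and account ID are constructed.

```python
_GROUPS = "http://acs.amazonaws.com/groups/global/"
PUBLIC_GROUPS = {_GROUPS + "AllUsers", _GROUPS + "AuthenticatedUsers"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _wildcard_principal(principal):
    # "Principal": "*" and "Principal": {"AWS": "*"} both mean "anyone".
    values = principal.values() if isinstance(principal, dict) else [principal]
    return any("*" in _as_list(v) for v in values)

def audit_bucket(bucket):
    """Return (kind, detail) findings for one bucket record (hypothetical schema)."""
    findings = []
    pab = bucket.get("public_access_block", {})
    for stmt in _as_list((bucket.get("policy") or {}).get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _wildcard_principal(stmt.get("Principal")):
            continue
        if pab.get("RestrictPublicBuckets"):
            continue  # public policy exists, but this setting limits who can use it
        # Simplification: any Condition is reported for human review, not as public.
        kind = "policy-conditional" if stmt.get("Condition") else "policy-public"
        findings.append((kind, tuple(_as_list(stmt.get("Action", [])))))
    if not pab.get("IgnorePublicAcls"):  # when set, public ACL grants have no effect
        for grant in bucket.get("acl_grants", []):
            if grant.get("Grantee", {}).get("URI") in PUBLIC_GROUPS:
                findings.append(("acl-public", (grant.get("Permission"),)))
    return findings

def audit_inventory(inventory):
    """Map bucket name -> findings, keeping only buckets that have any."""
    return {b["name"]: f for b in inventory if (f := audit_bucket(b))}

ANYONE_READ = {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject"}
ALL_USERS = {"Grantee": {"URI": _GROUPS + "AllUsers"}, "Permission": "READ"}
INVENTORY = [  # constructed sample records, not real buckets
    {"name": "backups", "policy": {"Statement": [ANYONE_READ]}},
    {"name": "logs", "policy": {"Statement": [ANYONE_READ]}, "acl_grants": [ALL_USERS],
     "public_access_block": {"RestrictPublicBuckets": True, "IgnorePublicAcls": True}},
    {"name": "assets", "acl_grants": [ALL_USERS], "policy": {"Statement": {
        "Effect": "Allow", "Principal": {"AWS": "*"}, "Action": ["s3:GetObject"],
        "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}}}},
    {"name": "private", "policy": {"Statement": [{"Effect": "Allow", "Action": "s3:*",
        "Principal": {"AWS": "arn:aws:iam::111122223333:root"}}]}},
]

if __name__ == "__main__":
    print(audit_inventory(INVENTORY))
```

The "logs" record carries the same public policy and ACL grant as the flagged buckets but produces no finding, because the two Public Access Block settings that govern existing policies and ACLs are enabled.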

No one wants to shell out more money than necessary when conducting business, especially when it’s something that’s avoidable with the assistance of tools and vendors. Consider your options and the expert sources available to you when migrating, managing, and storing data in the cloud.

It’s always easier and cheaper to employ security proactively vs. remediating a data breach or exposure after the fact. Contact us today to learn how Armor can help you stay ahead of the game with CSPM and cloud security best practices.
