Group Purchasing
Group Purchasing

SANS Cloud Security Exchange 2024 - Cloud Security: First Principles and Future Opportunities

SANS Cloud Security Exchange 2024 - Cloud Security: First Principles and Future Opportunities (PDF, 28.04MB)Published: 23 Aug, 2024
Created by:
SANS Institute
SANS Institute

Cloud Security: First Principles and Future Opportunities, published by SANS Institute in 2024 in partnership with AWS, Google Cloud, and Microsoft Azure, examines how organizations should modernize their cloud security architecture, identity management, operational practices, and AI application security. The book draws on five chapters covering the cloud security journey, Secure by Design principles, identity modernization, evolving operational best practices, and generative AI security risks.

Key findings:

  • Cloud account compromise was the fourth most prevalent MITRE ATT&CK technique used by threat actors in 2023, a 16x increase from 2022
  • Close to 40% of compromises within industrial and enterprise environments can trace back to weaknesses that provide adversaries a path into more sensitive systems, underscoring the risk of treating perimeter and internal network security as separate problems
  • A total of 26,447 critical vulnerabilities were disclosed in 2023, more than 1,500 higher than the previous year
  • More than 60 technology companies, including AWS, Microsoft, and Google, have signed CISA's Secure by Design Pledge
  • 82% of business leaders view secure and trustworthy AI as essential to their operations, but only 24% are actively securing generative AI models and embedding security processes into AI development
  • Microsoft's baseline Conditional Access policies have been shown to reduce account compromises by up to 80% when enabled
  • More than 50% of organizations have extremely limited or no visibility into their authentication and authorization processes
  • More than 100 malicious AI and ML models were discovered on the Hugging Face platform in a single reported incident
  • An estimated half of enterprise workloads currently run in the public cloud, with continued growth expected over the next several years

The book's central argument is that cloud security models built for on-premises data centers no longer match how attackers operate or how cloud environments actually function. Identity, rather than network perimeter, has become the foundation of effective defense, and organizations that keep applying legacy governance, patching, and monitoring practices to cloud-native and AI-driven environments are structurally behind the threats they face. The authors are especially direct about generative AI: it is a tool with real security uses, such as translating natural language into policy-as-code or generating abuse-case tests, but it offers little benefit for problems that mature tooling already solves well, like straightforward vulnerability scanning. This is a multi-author strategic and technical guide rather than a single empirical survey, so no unified respondent methodology applies; its statistics are drawn from a mix of primary SANS research, vendor telemetry (Microsoft, Red Canary, Mandiant), and third-party sources such as CISA, Qualys, and The Hacker News, each cited individually within the chapters.

Continued Reading

What is Cloud Security Compliance?

The Ultimate List of SANS Cheat Sheets

Nine Key Cloud Security Concentrations & SWAT Checklist

FAQ

Meet the expert

SANS Institute
SANS Institute

SANS Institute

Launched in 1989 as a cooperative for information security thought leadership, it is SANS’ ongoing mission to empower cybersecurity professionals with the practical skills and knowledge they need to make our world a safer place.

Read more about SANS Institute