• Explore. Learn. Thrive. Fastlane Media Network

  • ecommerceFastlane
  • PODFastlane
  • SEOfastlane
  • AdvisorFastlane
  • LifeFastlane

The State Of Cloud Security In 2024 (Plus: Fake Customer Support Phishing Schemes, Unique Cybersecurity Initiatives, & More)

the-state-of-cloud-security-in-2024-(plus:-fake-customer-support-phishing-schemes,-unique-cybersecurity-initiatives,-&-more)
The State Of Cloud Security In 2024 (Plus: Fake Customer Support Phishing Schemes, Unique Cybersecurity Initiatives, & More)

Datadog recently published its 2024 State of Cloud Security report, in which it analyzed security posture data from thousands of organizations that use AWS, Azure, or Google Cloud.

Key takeaways:

  • Long-lived cloud credentials pose a major security risk to companies, as they never expire and frequently get leaked in source code, container images, build logs, and application artifacts.
  • Research shows that most publicly documented cloud incidents are caused by compromised cloud credentials, both from humans (i.e., passwords) and applications.
  • Assigning overprivileged permissions to cloud environments can create substantial risks, as any attacker who compromises the workload—for instance, by exploiting an application-level vulnerability—can steal the associated credentials and access the cloud environment.

What’s the lesson here?

While cloud environments are becoming more secure thanks to greater awareness of threats and vulnerabilities among individuals, as well as better enforcement of cloud security protocols among organizations, there are still risks to be aware of—especially as attackers adapt their techniques. What’s your 2025 data security strategy? Start here.

What other topics are trending?

The Soapbox: Online conversations you don’t want to miss

Featuring insights from our Co-Founder & CTO, James Ciesielski.

What cool cybersecurity awareness initiatives has your company done?

My take? We take cybersecurity very seriously at Rewind, but we also like to have fun! For Cybersecurity Awareness Month in October, our Trust team held cybersecurity challenges to build awareness all month long. A highlight was the “phish your coworkers” challenge, which gamified our vigilance against the most common causes of security breaches. This encouraged discussions about the importance of being agile when it comes to data protection and disaster recovery planning.

Join the conversation on Reddit.

Schneider Electric was breached by HellCat Ransomware claiming access to their Atlassian Jira system

My take? It was only a matter of time before someone hacked a company’s Jira system. This just goes to show the importance of a robust data security strategy that considers all of your organization’s business-critical SaaS data. Maybe Schneider Electric could have avoided this data disaster by implementing a third-party backup and recovery solution to protect its assets and those of customers. 

Join the conversation on X.

Subscribe to Retro for more!

Like what you read? Subscribe to Retro so you don’t miss any of our industry’s top stories and conversations.


Miriam Saslove”>
Miriam Saslove

Miriam Saslove is a chronically online storyteller based in Montreal. She loves books, concerts, coffee, and helping brands foster engagement and awareness through impactful multi-channel content. Also puns.

This article originally appeared on Rewind and is available here for further discovery.
Prev
How To Build A Brand In 7 Steps: Get Started In 2025
how-to-build-a-brand-in-7-steps:-get-started-in-2025

How To Build A Brand In 7 Steps: Get Started In 2025

Next
E-Commerce SEO Best Practices: What To Expect In 2025

E-Commerce SEO Best Practices: What To Expect In 2025

You May Also Like
Share to...