Generative AI sparks new cloud & edge security concerns
The adoption of cloud and edge technologies continues to face significant security challenges and privacy concerns, particularly with the rapid growth of generative AI posing new threats to cloud security. SUSE has released the second edition of its "Securing the Cloud" trend report, unveiling these challenges and providing insights into how organisations respond to them.
SUSE's report highlights that 70% of IT decision-makers surveyed experienced at least one cloud security incident in the last 12 months. Additionally, 62% reported having at least one edge security incident within the same period. The findings underscore the pervasive nature of these threats and the demand for enhanced security measures.
Dr. Thomas Di Giacomo, Chief Technology and Product Officer of SUSE, commented on the findings: "Cloud and edge technologies play a vital role in accelerating digital evolution across the globe. Simultaneously, the threat landscape is continuously evolving to create new security risks. Our trend report showcases the growth in edge security incidents and the challenges facing IT teams in light of the generative AI revolution and growing complexity. At SUSE, we are primed to help enterprises modernise their IT stacks while addressing these risks. We will continue to support businesses that are choosing open for their transformation without compromising on security."
The report identifies generative AI as a significant security concern. Key issues include AI-powered cyberattacks (66%) and privacy and data security (65%). Only 4% of IT decision-makers surveyed did not perceive any risks associated with the technology. The concern is more pronounced among US respondents, with 73% citing privacy and data security and 74% worried about AI-powered cyberattacks, compared to 62% and 64% of European respondents.
Cloud security incidents have reportedly decreased overall, dropping from an average of 4 incidents last year to 2.3 incidents this year. Nonetheless, 70% of those affected dealt with multiple incidents, indicating a persistent need for robust security measures. The Netherlands experienced the highest average number of incidents (2.9), while the UK had the fewest (1.9).
Despite declining cloud security incidents, edge security remains a critical issue. 62% of respondents encountered at least one edge security event in the last year, with Germany (66%), the US (65%), and the Netherlands (64%) being the most affected. Software engineers reported the highest incidence of edge security events at 90%, highlighting a significant challenge for those responsible for maintaining the security of edge environments.
Ransomware attacks have emerged as the leading cloud security concern, with 38% of respondents identifying it as their top worry. This marks a shift from data theft and crypto mining within clusters, which were previously the primary concerns. Concerns about ransomware attacks are particularly pronounced in the UK and the US, where 43% of respondents cited it as a top issue compared to 29% in France.
Regarding mitigation strategies, many respondents deemed the in-house auditing of vendor software critical to combating supply chain attack risks. One in four IT decision-makers also indicated that government-recognised supply chain security certifications would become a higher priority in the coming year.
Currently, container firewalls (41%), DoS or DDoS protection (38%), and security automation (36%) rank as the most commonly used cloud security practices among the IT professionals surveyed.
The report surveyed 820 IT professionals across the United States, Germany, the United Kingdom, France, and the Netherlands. It underscores ongoing concerns about cloud security that continue to impede the broader adoption of these technologies. Indeed, 86% of professionals indicated they would migrate more workloads to the cloud if data security could be assured.