Abstract

In 2020, IBM Security X-Force produced a report containing exclusive research and data on ground-truth statistics surrounding threat actor targeting of cloud environments. Cloud adoption continues to thrive, providing convenience, cost savings, and near-permanent uptimes for organizations compared to on-premises infrastructure.

At the same time, threat actors continue to target cloud environments regardless of organization size, and shifting to a cloud model requires a specialized approach different from that of traditional deployments. A key factor to successful deployment—and management—of cloud environments is understanding how threat actors target them, what motivates them, and how to avoid common pitfalls that leave the cloud vulnerable.

This year, we have augmented our 2020 report with new and more robust data spanning Q2 2020 through Q2 2021. Data sets we used include dark web analysis, IBM Security X-Force Red penetration testing data, IBM Security Services metrics, X-Force Incident Response analysis and X-Force Threat Intelligence research. These multiple data sources help us better understand how threat actors are getting into cloud environments, what types of malicious activity are pursued once they’re inside and how organizations can prepare and react to security incidents involving their cloud environments more effectively.

Links

• https://www.ibm.com/downloads/cas/WMDZOWK6

Citation

IBM, 2021. 2021 IBM Security X-Force Cloud Threat Landscape Report - IBM Security X-Force Threat Intelligence