Threat forecast: Cloudy with a chance of entropy

In the first half of 2019, there were 21 headline-grabbing incidents involving public cloud platforms. Cloud service providers (CSPs) maintained their sterling reputation for platform security as only a very small percentage of the incidents could be directly attributed to the providers. However, consumers of infrastructure- and platform-as-a-service (IaaS and PaaS) cloud offerings continue to struggle with getting the basics of security right.

If there’s one thing cloud providers have done extremely well, it’s innovate. Unfortunately, this torrent of new, innovative features—often released on a near-daily basis—has led to exponentially more complexity. Although many IT and security organizations conceptually understand the Shared Responsibility Model, our research shows there is a breakdown when putting this concept into practice.

This report highlights key insights from incidents spanning the first half of 2019 and presents original research from the cloud-focused division of the Palo Alto Networks Unit 42 threat intelligence team. We’ve designed the report to empower your business with the required security knowledge, tools, and best practices to fulfil your role in the Shared Responsibility Model.