Creeping cloud complexity is hampering incident response


Cloud complexity is hampering incident response capabilities, according to new research, with organizations reporting delays in response times and heightened security risks.

Research from Cado Security found over two-thirds (65%) of organizations take between three and five days longer when investigating issues or incidents within their cloud environments as opposed to on-premises. 

Businesses are feeling the sting as well, with just under half (43%) of organizations having experienced serious damage as a result of uninvestigated cloud incidents, while 89% of organizations reported some level of damage before an incident was contained. 

The reasons behind floundering incident response times are myriad, though all relate to a general level of cloud complexity affecting the capabilities of cyber security teams.

Owing to the increasing deployment of cloud and multi-cloud approaches and strategies, enterprises and businesses are more vulnerable than ever, with malicious actors able to leverage access to threaten entire environments. 

“In cloud attacks, threat actors typically try to escalate their account permissions and find more credentials that they can test to access other cloud instances,” Crystal Morin, cyber security strategist at Sysdig, told ITPro.

“Your cloud security tools have to deliver better visibility of lateral movement by alerting on the misuse of user identities and entitlements,” she added. 

According to Cado, 82% of organizations reportedly use multiple platforms and multiple tools to perform cloud investigations, while 45% report a lack of integration between tools across various platforms or environments.

This damages organizational cloud security, the study noted, with 36% of respondents citing a lack of control and visibility as the “biggest challenge faced” in efforts to conduct investigations or respond to incidents.

“Organizations still lack streamlined incident response strategies for cloud environments,” James Campbell, CEO & Co-Founder at Cado Security, said. 

“A robust incident response program – especially one that extends to the next generation of technologies – is critical to safeguarding organizations against emerging threats,” he added.

Cloud complexity is exacerbated by skills deficits  

34% of organizations reported limited levels of cloud-specific cyber security skills within their teams, thus limiting the extent to which they can effectively respond to incidents across environments. 

Teams need to be prepared for cloud security incidents in the face of spiraling complexity and, as Guy Warren, CEO at ITRS, told ITPro, firms need to have well-established plans in place.

“Firms should make sure that they have a clearly defined responsibility model so they can adopt a coordinated response against vulnerabilities. This means should an incident occur, they can take the necessary steps to mitigate its impact more effectively,” Warren said.  

Cloud complexity doesn’t just affect security, either, with other studies suggesting that it breeds a level of difficulty throughout businesses as various teams attempt to manage their systems.

71% of CIOs said that the amount of cloud-based data they processed exceeded the typical management capabilities of staff members, implying that cloud complexity had reached unmanageable levels in terms of observability. 

George Fitzmaurice
Staff Writer

George Fitzmaurice is a staff writer at ITPro, ChannelPro, and CloudPro, with a particular interest in AI regulation, data legislation, and market development. After graduating from the University of Oxford with a degree in English Language and Literature, he undertook an internship at the New Statesman before starting at ITPro. Outside of the office, George is both an aspiring musician and an avid reader.