Protect Your Public Cloud Infrastructure with a Proactive Approach to Cybersecurity

Global data breaches hit 1,500 in 2018, and continue rising this year, according to research from IDG, making cybersecurity in the cloud a top priority for many enterprises. Based on public disclosures, the U.S. continues to account for a large majority of the biggest security breaches, some of them absolutely vast. 

Overall, enterprise concern about cybersecurity has increased since 2017, but belief in their ability to manage cyber risk— their cyber confidence — has declined, according to The 2019 Global Cyber Risk Perception Survey from Marsh and Microsoft.

U.S. laws and regulations force organizations to disclose their data breaches involving consumer information and data, which is something not true in all countries. The positive side of that, is that past cybersecurity breaches have provided valuable lessons learned. Better still, those lessons have driven the development of best practices for preventing a cybersecurity breach when using cloud services, such as those delivered by AWS and Azure.

The 2019  Capital One data breach highlighted the need for comprehensive visibility into public cloud infrastructure.

How to Prevent a Capital One type Data Breach

On July 29, it was announced that there was a Capital One cloud data breach. A hacker had accessed about 100 million credit card applications, along with thousands of Social Security and bank account numbers were also taken. This came on the eve of the news that Equifax had reached a $700 million settlement with U.S. regulators over stolen personal information for 147 million records in 2017.

Are compromises like these preventable? Absolutely. The good news is that cybersecurity can be improved with the right strategy and a comprehensive solution, which means risk can be mitigated and managed, and potentially recovered from, although it cannot be completely eliminated.

In our blog post we cover what went wrong with the Capital One cloud data breach. Then some best practices for ramping up your cybersecurity strategy.

The questions many are asking now are:

  • “Cloud my company be at risk for its own data breach?”
  • “How can I prevent a data breach like Capital One’s?”

CloudPassage’s Head of Security Research, Amol Sarwate addresses these questions in his blog “Preventing a Capital One Cloud Data Breach” in which he covers:

  • What went wrong
  • The Principle of Least Privilege
  • Best Practice Templated to Prevent a Cloud Data Breach

What the AWS Cloud Security Report Can Tell Us About Preventing a Data Breach

Read the AWS Security Report blog to learn what cybersecurity professionals say about the following key takeaways. Their:

  • Level of concern regarding cloud security  
  • Biggest operational headaches
  • #1 security threat in public clouds 
  • Legacy security solutions’ applicability for the cloud.

Reach out if you have any questions or need immediate insights into where your exposures lie.

Other high-profile data breaches of the last year have made organizations wonder how their peers are tackling cloud infrastructure security.

In the wake of the last year’s Capital One security breach in their AWS cloud environment, the security community is taking another look at how we approach cloud security. Here we take a look at how your industry peers are thinking about focusing on what matters by taking a look at the 2019 AWS Security Report.

We partnered with Cybersecurity Insiders to survey their 400,000-member community and gather insights into cybersecurity professionals’ concerns, tools, and best practices.

Cloud Requires a New Approach to Cybersecurity

Without a solid cloud security strategy in place as a key component of cloud adoption, there’s no way to tackle the current data breach landscape.

Cybersecurity teams are still struggling to maintain security visibility of these dynamic environments due to decentralization of IT, the expanding cloud attack surface, and an ever-growing list of cloud service configuration options. 

The biggest challenge is that there are simply more things in more places that need to be monitored and protected – and no effective way to maintain complete visibility into all those assets and the issues that threaten them without automation.


Halo Cloud Secure is an automated public cloud infrastructure security solution that delivers comprehensive visibility, protection, and continuous compliance monitoring for compute, storage, database, networking, and identity services to reduce cyber risk.

Delivering the deepest and broadest coverage for AWS and Azure, Halo Cloud Secure finds critical risks other tools miss and enables you to: 

  • Obtain single-point inventory and reporting of the security and compliance posture of all your public cloud infrastructure assets
  • Quickly identify IaaS misconfigurations that expose your organization to cyber threats.
  • Continuously monitor public cloud infrastructure assets for critical issues and compliance violations.

Get a Free Cloud Security Assessment from CloudPassage

See CloudPassage Halo in action within your own cloud environment.

Get a complete Cloud Security Posture Assessment of your AWS or Azure cloud environment in 30 minutes for free with CloudPassage.

  • Inventory all cloud assets
  • Scan for security and best practice violations
  • Get a summary of your cloud security posture
  • Get issue and remediation details prioritized by criticality.

CloudPassage makes this process very fast, and very easy by utilizing automation within Halo.

Let us show you how.

Capital One Data Breach: Non-Technical Tips to Not Be a Headline

Preventing a Capital One Cloud Data Breach

What the 2019 AWS Security Report Tells Us to Prevent a Cloud Data Breach