Log in Register

Log in

IT GRC Forum    Research   

  pdf Cloud Risk Surface Report (1.54 MB)


cloudriskreportNavigating safely in cloudy condition

This report (re)uses the same data set behind the Internet Risk Surface Report. It is derived from RiskRecon’s work in providing companies objective visibility into their third-party cybersecurity risk. For each organization analyzed, RiskRecon trains machine learning algorithms to discover internet facing systems, domains, and networks. For every asset discovered, RiskRecon analyzes the publicly accessible content, code, and configurations to assess system security and the inherent risk value of the system based on attributes such as observable data types collected and transaction capabilities. RiskRecon provided Cyentia a large anonymized sample of their production data set for this research. 

Having studied several broad aspects of the Internet risk surface, we now seek to narrow the focus to consider how the cloud shapes that surface. The benefits of migrating data, workloads, applications, and business processes to the cloud are incredibly compelling. But as a steady string of headlines reporting large data exposures from cloud environments suggest, those benefits don’t come risk-free. Is the risk worth it? To help you answer that for your organization, we leverage a massive dataset supplied by RiskRecon spanning 18,000 organizations and over 5 million hosts yielding 32 million security findings. Read on for a preview of the fascinating facts and figures we share in this report.

pdf Download (1.54 MB)

 


About the IT GRC Forum

The IT GRC Forum is an online resource and networking platform for Governance, Risk Management, and Compliance (GRC) Professionals. We produce educational events and provide market intelligence for our members, and it is our goal to help industry stakeholders, government regulators, and end-users better understand and manage the increasingly complex GRC landscape across their organization. Visit us at www.executiveitforums.org