SuSE identifies cloud security generative degenerations

Open source enterprise-grade solutions platform company SuSE is aiming to shed some light on the issue of securing increasingly complex cloud and edge environments, especially in the era of generative AI.

As part of its annual market study, SuSE has said that AI-powered cyberattacks and privacy and data security are the top two concerns when it comes to generative AI cloud security.  

There is also a rise in edge security concerns, despite overall fewer cloud-related security incidents. 

The company’s cloud trends analysis suggests that IT decision makers have experienced, on average, 2.3 cloud-related security incidents in the past year, down from 4 last year. The country that was most affected was the Netherlands, (2.9 on average), with the UK (1.9 on average) the least affected.

Threat landscape

Dr. Thomas Di Giacomo, chief technology and product officer at SuSE has stated that cloud and edge technologies play a vital role in accelerating digital evolution across the globe, simultaneously the threat landscape is continuously evolving to create new security risks. 

“Our trend report showcases the growth in edge security incidents and the challenges facing IT teams in light of the generative AI revolution and growing complexity. At SuSE, we are primed to help enterprises modernise their IT stacks while addressing these risks. We will continue to support businesses that are choosing open for their transformation without compromising on security,” Di Giacomo.

The trend report’s results propose ongoing security challenges in the adoption of cloud and edge technologies, including threats from ransomware attacks, privacy and data issues related to generative AI, and AI-powered cyberattacks. 

The trend report is based on comprehensive polling of 820 IT professionals across the United States, Germany, the United Kingdom, France and the Netherlands. 

Concerns about cloud security continue to restrict wider adoption of the technology, with almost all professionals stating they would migrate more workloads to the cloud if data security could be guaranteed.

The American way

Concerns around generative AI security risks are more prevalent in the US. US respondents considered generative AI a higher risk to their security strategy than European counterparts across all categories, including privacy and data security. 

While overall, respondents reported a decrease in cloud security incidents, from 88% to 70%, of those affected, 70% experienced multiple incidents, emphasising a continued need for investment in robust security measures. The majority of respondents had experienced at least one edge security incident in the past year (62%) – Germany (66%), the US (65%) and the Netherlands (64%) were the two most affected markets, followed by France (59%) and the UK (57%).

Data theft and crypto mining within clusters, attacks on running services using unknown vulnerabilities, visibility and controls to sensitive data being accessed in the cloud and monitoring and alerts on malicious activities behaviours followed as secondary concerns.

In-house auditing of vendor software is considered most critical to mitigating software supply chain attack risks. A quarter of IT decision makers also believe that government-recognised supply chain-related security certifications will become more of a priority for them over the next 12 months.