Lightspin announced the results of its research, which discovered a gap between AWS Identity and Access Management user and group policies that an attacker can abuse to take over accounts, delete group members, steal data and shut down services. The research team was able to compromise dozens of accounts by using this technique. Lightspin researchers discovered that many security administrators were unaware that AWS IAM rules do not work the same way as Azure Active Directory or other authorization mechanisms.
According to PreciseSecurity.com, cloud security spending in the United States is expected to reach $1.93 billion by 2021. Back in 2016, the US region spent $675 million on cloud security solutions in total, meaning it will triple in the following years. In comparison with other regions, the United States also represents the leading cloud security spending region in the World, followed by the Asia Pacific with $638 million cloud security costs expected in 2021.