The Orca Security 2020 State of Public Cloud Security Report


In Episode S2E3 – The Orca Security 2020 State of Public Cloud Security Report – we have a discussion with Avi Shua, Co-Founder and CEO of Orca Security. Avi takes us through some of the more interesting findings of this new industry report.

Avi has more than 25 years of experience in cybersecurity. Prior to co-founding Orca Security, Avi was the chief technologist at Check Point Software Technologies and held key positions within Unit 8200, the Israeli NSA. While at Check Point, he built and scaled cybersecurity solutions that continue to protect tens of thousands of organizations to this day. Avi believes that cybersecurity products should always support the organization and not the other way around.

Please click the image below to listen to this podcast episode. If you find it interesting and helpful, please consider subscribing to and liking our podcast.

This study shows that public cloud environments are rife with neglected workloads, authentication issues, and lateral movement risk

The world of cybersecurity isn’t fair. Security teams need to secure everything, but attackers need only find one weak link. For most organizations, cloud workload security is dependent upon the installation and maintenance of security agents across all assets. This rarely happens, as this report shows.

You can download this complete report at https://info.orca.security/2020-state-of-public-cloud-security-report

Some notable key findings include:

  • More than 80 percent of organizations have at least one neglected, internet-facing workload – meaning it’s running on an unsupported operating system or has remained unpatched for years.
  • Meanwhile, 60 percent have a neglected internet-facing workload that has reached “end-of-life” and will no longer be supported by manufacturer security updates.
  • Perhaps most concerning, 49 percent even have at least one publicly accessible unpatched web server despite awareness of how that can result in large data breaches, like Equifax in 2017.
  • Authentication and credential issues are also widespread, with nearly 25 percent of organizations having at least one cloud account without multi-factor authentication on the ‘super admin user’.
  • When it comes to lateral movement risk, the security posture of internal machines is much worse than internet-facing servers, with 77 percent of organizations having at least 10 percent of their internal workloads in a neglected security state.

*Methodology note: The report is a cross-industry analysis of the current state of public cloud security deployments based on data from more than 2 million scans of 300,000 public cloud assets running on AWS, Azure, and GCP.


Steven Bowcut, CPP, PSP is an award-winning journalist covering cyber and physical security. He is an editor and writer for Brilliance Security Magazine as well as other security and non-security online publications. Follow and connect with Steve on Twitter, Facebook, Instagram, and LinkedIn.