Red Hat: Human Error a Leading Cause of Kubernetes Security Mishaps
When Red Hat acquired StackRox, you might have wondered whether StackRox’s semiannual report on the state of Kubernetes security would survive. Worry no longer, Red Hat will continue to produce the State of Kubernetes Security Report. Worry instead about how often we stumble over Kubernetes and container security incidents.
How bad is it? It’s awfully bad. 94% of respondents stated they have experienced a Kubernetes and container environments security incident in the last 12 months. Worse still, more than half of respondents, 55%, ended up delaying Kubernetes application production developments due to security screw-ups over the last 12 months.
What’s the root cause of all these failures? It’s not nasty old hackers attacking. Oh no. We’re doing it more often to ourselves. Nearly 60% of those surveyed said human error was the cause of data breaches and failures. In particular, most have experienced a misconfiguration incident within the last 12 months.
We simply don’t have anything like enough people who really understand how to deploy Kubernetes properly, never mind enough professionals who know how to secure it. As Charlie Fiskeaux, UX leader at monitoring company Circonus recently observed, “Kubernetes monitoring is … complicated. Knowing metrics on cluster health, identifying issues, and figuring out how to remediate problems are common obstacles organizations face, making it difficult to fully realize the benefits and value of their Kubernetes deployment.”
/cdn.vox-cdn.com/uploads/chorus_asset/file/25249728/246961_Costa_Rica_Renewables_3_IVargas.jpg)
/cdn.vox-cdn.com/uploads/chorus_asset/file/25414869/IMG_0523.jpg)
