Many businesses in the Asia Pacific region and worldwide are facing security risks in their Kubernetes environments, according to the 2024 Tenable Cloud Risk Report. The study highlights that misconfigured cloud infrastructure could expose organizations to cyberattacks, data breaches, and operational disruptions.
“Kubernetes is the backbone of many cloud-native applications, but organizations in Apac are struggling to secure these environments properly,” said Ari Eitan, research director at Tenable. “Publicly exposed Kubernetes API servers and overprivileged containers are serious risks that leave businesses vulnerable to attacks.”
Eitan emphasized that without the right security measures in place, these misconfigurations can lead to catastrophic breaches.
The report found that 78% of organizations have publicly accessible Kubernetes API servers, with 41% allowing inbound internet access. Attackers could exploit these settings to gain access to cloud environments. It also revealed that 44% of businesses run containers in privileged mode, increasing the risk of cybercriminals escalating their access. Also, 58% of organizations have overly permissive cluster-admin roles, which could allow attackers to take control of critical workloads.
To reduce these risks, Tenable recommends businesses limit API exposure by applying firewall rules and restricting inbound access. It also advises against running privileged containers unless necessary and urges organizations to follow security guidelines like the CIS Kubernetes Benchmark. Strengthening role-based access control (RBAC) by limiting admin privileges and conducting regular security audits can further protect Kubernetes environments.
“The growing adoption of Kubernetes is a double-edged sword. While it offers great agility for cloud operations, it also introduces a new layer of complexity and security risks,” Eitan said. “Apac businesses must prioritize Kubernetes security, particularly by closing exposure gaps and enforcing strict access controls.”