ITSecurityWire: Defending the Cloud: A Strategic Approach
ITSecurityWire examined how organisations can strengthen cloud security in the face of increasingly sophisticated attacks, in an expert article from NetSPI’s Nicholas Lynch. Read the preview below or view it online.
Securing identity in the cloud era
Regarding “Defending the Cloud: A Strategic Approach” (ITSecurityWire, September 15): As over 94% of organisations rely on cloud services, attackers are adapting their tactics, exploiting APIs, identity gaps, and trusted relationships to slip under the radar. Nicholas Lynch, Principal Security Consultant at NetSPI, warns that identity is now the perimeter, and attackers are “logging in” rather than breaking in.
Lynch explained that modern adversaries, including groups like Midnight Blizzard and Scattered Spider, are refining their cloud-specific tradecraft, abusing legitimate authentication flows to maintain access. He emphasised that identity compromise is difficult to detect because it looks normal: stolen credentials, tokens and API keys rarely trigger alerts, while over-permissive roles can expose critical systems.
The article also challenges the notion that compliance equals security. Built-in compliance tools may tick boxes but can create a false sense of safety. Legacy approaches such as “lift and shift” migrations often replicate outdated models, leaving gaps that attackers exploit.
To defend against these risks, Lynch advises adopting a cloud-native mindset, enabling centralised logging, mandating multi-factor authentication, and using Cloud Security Posture Management (CSPM) tools to continuously monitor for misconfigurations and excessive permissions. Regular penetration testing, he adds, is key to validating controls and identifying vulnerabilities before adversaries do.
Ultimately, effective cloud defence demands reframing strategies around attacker logic. Continuous validation, strong identity governance and proactive monitoring will define which organisations stay resilient as cloud attacks continue to evolve.