ITSecurityWire: Defending the Cloud: A Strategic Approach
ITSecurityWire examined how organisations can strengthen cloud security in the face of increasingly sophisticated attacks, in an expert article from NetSPI’s Nicholas Lynch. Read the preview below or view it online.
+++
Securing identity in the cloud era
Regarding “Defending the Cloud: A Strategic Approach” (ITSecurityWire, September 15): As over 94% of organisations rely on cloud services, attackers are adapting their tactics, exploiting APIs, identity gaps, and trusted relationships to slip under the radar. Nicholas Lynch, Principal Security Consultant at NetSPI, warns that identity is now the perimeter, and attackers are “logging in” rather than breaking in.
Lynch explained that modern adversaries, including groups like Midnight Blizzard and Scattered Spider, are refining their cloud-specific tradecraft, abusing legitimate authentication flows to maintain access. He emphasised that identity compromise is difficult to detect because it looks normal: stolen credentials, tokens and API keys rarely trigger alerts, while over-permissive roles can expose critical systems.
The article also challenges the notion that compliance equals security. Built-in compliance tools may tick boxes but can create a false sense of safety. Legacy approaches such as “lift and shift” migrations often replicate outdated models, leaving gaps that attackers exploit.
To defend against these risks, Lynch advises adopting a cloud-native mindset, enabling centralised logging, mandating multi-factor authentication, and using Cloud Security Posture Management (CSPM) tools to continuously monitor for misconfigurations and excessive permissions. Regular penetration testing, he adds, is key to validating controls and identifying vulnerabilities before adversaries do.
Ultimately, effective cloud defence demands reframing strategies around attacker logic. Continuous validation, strong identity governance and proactive monitoring will define which organisations stay resilient as cloud attacks continue to evolve.
You can read the full article here.
Explore More News
Canvas breach puts global education cyber risk in focus
ITBrief interviewed NetSPI's Field CISO, Nabil Hannan, for a May 24, 2026 article about a major data breach in Instructure's Canvas learning management system disrupting final exams at universities.
Microsoft is working on a patch for ‘YellowKey’ attack on BitLocker, offers temporary fix
CSO Online interviewed NetSPI's VP of Research, Karl Fosaaen, for a May 20, 2026 article about how Microsoft is working on a patch for a zero-day vulnerability dubbed "YellowKey" (CVE-2026-45585).
AI-powered Continuous Pentesting
NetSPI® launches AI-powered Continuous Pentesting to help organizations validate and reduce risk through their Human-led, AI-accelerated platform that supports continuous penetration testing and agentic MCP integrations.