The hasty cloud migrations of 2020-2022 are becoming today's security incidents. Too many organisations lifted-and-shifted their on-premises security models without adapting to cloud-native threats.

Last month's healthcare breach perfectly illustrates this: attackers exploited AWS IAM roles configured to mirror traditional Active Directory groups. One compromised service account gained access to 127 different services across multiple regions. The fundamental problem? Cloud security operates on entirely different principles than on-premises infrastructure.

On-premises security focuses on perimeter defence: secure the boundary, trust what's inside. Cloud security requires identity-first thinking: every interaction is untrusted until verified against current context, location, device state, and behaviour patterns. Your identity becomes your perimeter.

Forward-thinking organisations audit their cloud permissions with financial audit rigour. They use short-lived tokens instead of static credentials, implement contextual access controls, and apply zero-trust principles to every service interaction. Because in the cloud, over-privileged identities are essentially open invitations to attackers.
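
As an added example (not part of the original post), a minimal Python audit of an IAM policy document that flags the over-privilege patterns described above: wildcard actions, unscoped resources, and Allow statements with no Condition. The policy, its Sids and the bucket name are constructed sample data.

```python
# Constructed sample policy for illustration; not from any real account.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "LegacyAdGroupMirror", "Effect": "Allow",
         "Action": ["s3:*", "ec2:*", "rds:*"], "Resource": "*"},
        {"Sid": "ScopedRead", "Effect": "Allow",
         "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-bucket/*",
         "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}},
        {"Sid": "DenyDelete", "Effect": "Deny",
         "Action": "s3:DeleteBucket", "Resource": "*"},
    ],
}


def _as_list(value):
    """IAM allows a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def audit_policy(policy):
    """Return (findings, services) for the Allow statements of a policy.

    findings: list of (sid, message) tuples, one per over-privilege pattern.
    services: set of service prefixes the policy grants any action on.
    """
    findings, services = [], set()
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        sid = stmt.get("Sid", f"statement[{i}]")
        if "NotAction" in stmt:
            findings.append((sid, "Allow with NotAction grants everything else"))
        for action in _as_list(stmt.get("Action", [])):
            services.add(action.split(":", 1)[0])
            if action == "*" or action.endswith(":*"):
                findings.append((sid, f"wildcard action {action}"))
        if "*" in _as_list(stmt.get("Resource", [])):
            findings.append((sid, "applies to every resource"))
        if "Condition" not in stmt:
            findings.append((sid, "no Condition: access is not context-bound"))
    return findings, services


if __name__ == "__main__":
    found, svc = audit_policy(SAMPLE_POLICY)
    for sid, message in found:
        print(f"{sid}: {message}")
    print("services reachable:", sorted(svc))
```
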

#CloudSecurity #IdentitySecurity #ZeroTrust