Why cloud security needs to be managed differently in the age of AI
Here’s an unpopular opinion from a cloud enthusiast – traditional cloud security is overestimated.
Does it mean we should stop migrating to the cloud? Absolutely not.
But it does mean we need to rethink how we secure the cloud — with smarter, faster, and more effective strategies. If we fail to innovate our cloud security strategies now, we risk leaving our most critical assets exposed to relentless attacks that could compromise not just individual organizations, but entire ecosystems.
Today, breaches are no longer confined to individual organizations; even cloud providers are in the spotlight. The Snowflake breach in 2024 is a stark reminder that no entity is immune. Despite promises that cloud infrastructure is entirely safe, breaches and data leaks happen on a regular basis. A couple of factors leave even the best solutions prone to attacks.
Cloud security: Why is it not working as promised?
First of all, extensive marketing has caught many organizations off guard. Companies were led to believe (rather incorrectly) that cloud is secured “by design” and has “built-in security capabilities.” All they had to do was switch on the protection, and the threats would disappear, eliminated automatically.
In reality, default configurations are designed for general use — not for the unique workflows, sensitive data, and regulatory obligations of a specific organization.
Each business has unique workflows, data types, and regulatory requirements that necessitate a tailored approach to security. Also, default configurations may overlook critical security gaps, fail to account for emerging threats, and lack the necessary granularity for monitoring and response.
Another challenge is monitoring and response. Even the most advanced security orchestration, automation, and response (SOAR) tools are only as effective as the programming, oversight, and incident response teams behind them. Without skilled analysts, even the best-in-class systems can fail.
Financial strain adds to the problem. Many organizations struggle with hidden cloud costs — from data storage to inefficient resource allocation. Poorly managed security and spending often go hand-in-hand.
We also need to keep in mind that the cloud threat landscape has evolved a lot over the last couple of years. The interconnected nature of cloud services creates a supply chain that is inherently vulnerable, not just because of technical flaws, but also because of how identities and access are managed across third parties.
APIs, the backbone of cloud functionality, remain frequent targets, and shadow identities or over-permissioned accounts can open new attack vectors. Allen Moffett explored three steps to managing secure third-party access in your supply chain in an article featured in the 17th Edition of Atos’s Digital Security Magazine. Besides managing secure third-party access, building strong governance around identity in the supply chain is now just as important as patching software or hardening infrastructure. Meanwhile, AI-orchestrated attacks are no longer theoretical — they’re happening.
Compounding these challenges is the pervasive lack of knowledge and expertise surrounding cloud operations. Organizations frequently underestimate the intricacies involved, leaving them susceptible to misconfigurations and vulnerabilities that can be easily exploited. Additionally, the traditional concept of segregation of duties may falter in cloud environments, where roles and responsibilities can blur, leading to potential exploitation.
Furthermore, the rise of geopolitical tensions adds another layer of complexity to the threat landscape. Cyberattacks are no longer solely the domain of state-sponsored actors targeting government entities; private organizations and NGOs are equally at risk. The potential for politically motivated attacks increases the urgency for comprehensive security measures that address both the technical and human elements of cloud security. Sovereignty has become a huge concern for many businesses and for public organizations as well.
In light of these realities, it is imperative for organizations to rethink their approach to cloud security. A proactive stance that is grounded in a thorough understanding of the cloud environment and a commitment to continuous improvement is essential to safeguard against modern-day evolving threats.
What makes this even more pressing is how the cloud threat landscape itself has shifted. The interconnected nature of services has effectively created a digital supply chain that is inherently vulnerable. APIs, the backbone of cloud functionality, remain weakly protected, making them attractive entry points for attackers. With remote work now the norm and AI-orchestrated attacks moving from theory to practice, the urgency for stronger, more adaptive cloud security measures has never been greater.
So, what should we do differently in 2025 and beyond?
Four practices for stronger cloud security
To stay ahead in this evolving environment, organizations need to adopt a more deliberate, proactive cloud security strategy. Here are four practices that can make a difference.
1. Proper strategy is key.
Having a proper strategy for cloud security is vital for organizations as it lays the foundation for safeguarding critical assets and ensuring business continuity. Identifying critical assets allows organizations to prioritize their security efforts, focusing on the most valuable resources that, if compromised, could lead to significant financial loss, reputational damage, or regulatory penalties. The strategy should determine which assets can be kept in the cloud and require the organization to evaluate the sensitivity and criticality of its data and applications, so that proper controls are in place.
Organizations must allocate their budgets strategically to effectively protect these valuable resources. Here’s how:
- Invest in advanced security technologies such as encryption, access controls, and threat detection systems specifically tailored for the cloud environment.
- Allocate budget for training and development, ensuring that teams possess the necessary skills and knowledge to manage cloud security effectively.
- Budget for regular audits and assessments to identify vulnerabilities and compliance gaps.
By adopting a comprehensive approach to budget allocation, organizations can create a resilient cloud security posture that not only protects critical assets but also supports long-term business goals in an increasingly digital landscape. And believe me – the budget allocated for training will be a good investment, as with properly trained staff you may avoid much higher costs resulting from a breach.
2. Choose your battles.
In the realm of cloud security, choosing your battles wisely is essential to avoid the pitfalls of overinvestment while maintaining a robust security posture. Rather than pouring excessive resources into a multitude of security tools, organizations should focus on layering their defenses to create a comprehensive security framework. This means implementing a minimum effective toolset and layering it by combining the cloud provider’s native security tools with advanced third-party solutions for multicloud security, like CNAPP and SASE, that work cohesively to defend against threats. Native security is often very good (and sometimes you don’t need more), but only if it is not running on the default settings and is well configured by experts. If you do not have enough expertise in your organization, you can rely on external experts to set it up for your needs.
Furthermore, a fragmented security approach can lead to gaps and vulnerabilities that adversaries can exploit, so ensuring these layers are well-integrated is crucial.
By fostering integration across security solutions, organizations can enhance visibility and streamline incident response, enabling teams to act swiftly and effectively in the face of potential breaches.
Governance also plays a pivotal role in maximizing the effectiveness of existing resources. Establishing clear policies and procedures helps ensure that security measures are consistently applied and compliant with industry standards. In this way, we ensure the minimum effective toolset is used correctly, avoiding alert fatigue and allocating the budgets intelligently, ensuring that every investment contributes to a stronger, more cohesive security framework.
3. Let the experts test your defense
Two heads are better than one – this saying applies to testing your cloud defense, too. Involving external consultants or red teams strengthens this principle by providing an objective assessment of an organization’s security posture. These experts bring a wealth of knowledge and experience, often having worked with various organizations across different sectors. By conducting penetration testing and vulnerability assessments, they can simulate real-world attacks to identify weak points in defenses that internal teams may overlook due to familiarity or bias.
Additionally, red teams can challenge existing security protocols and assumptions, pushing organizations to think critically about their defenses and response strategies. Their insights can help organizations refine security measures, implement best practices, and ultimately bolster their overall resilience against potential breaches. By leveraging the expertise of consultants or red teams, organizations can create a more robust security framework and invest in the security improvements that address their weak points, leaving them better equipped to detect and respond to evolving threats in the cloud.
4. Hope for the best, but prepare for the worst
In the ever-evolving cloud landscape, preparation for the unavoidable is paramount, especially considering the likelihood of a breach. Organizations must adopt a resilient mindset, ready to get back on their feet swiftly after a fall. Maintaining working (and tested!) failover procedures and robust backup systems is crucial. (Yes, some advice from 2015 is still relevant!) By cultivating a culture of preparedness, organizations can transform the fear of breaches into a strategic advantage, enabling them to navigate crises effectively and emerge stronger on the other side.
Moreover, detection and reaction are critical components of a comprehensive cybersecurity strategy, transcending the boundaries of cloud environments to encompass all areas of an organization’s security posture.
In today’s rapidly evolving threat landscape, the ability to swiftly identify potential breaches or suspicious activities can mean the difference between a minor incident and a data loss or service disruption. Effective detection relies on a combination of advanced technologies, such as real-time monitoring, threat intelligence, and machine learning algorithms, which can analyze vast amounts of data to spot anomalies and flag potential threats. However, detection alone is insufficient.
Organizations must also focus on their reaction capabilities. A well-defined incident response plan is essential to ensure that when a threat is detected, appropriate actions are taken promptly and efficiently. This includes clearly outlining roles and responsibilities, establishing communication protocols, and conducting regular training and tabletop exercises to prepare teams for various scenarios. The integration of AI should make both the detection and response more effective – and AI for security is often included in the native cloud security toolset.
2025 onwards: Cloud recession or a golden era?
Some predict that concerns over AI-driven threats, sovereignty, and supply chain risks will push organizations away from the cloud. However, security concerns should not stop your business from thriving, and the cloud can be very helpful in exploring the full potential that technology can offer you in 2025. The tools are available at your fingertips. It’s all about proper strategy and expertise in how to choose them, integrate them with each other, and get the most value from what is available on the market – be it for millions of Euros or open-source.
By leveraging the cloud while ensuring proper security strategy and execution, you can empower your organization to embrace agility and innovation, allowing you to adapt to the fast-paced digital world.
Posted: 23/09/25