Cloud adoption is rapidly on the rise. Gartner estimates that 90% of organizations will adopt hybrid clouds through 2027 [1].
There are many reasons why organizations are migrating on-premises infrastructure to the cloud. It can increase the speed and scale of computing resources, improve reliability and resilience, and save time by outsourcing the spinning up, patching, and updating of infrastructure.
However, despite these benefits, it is complex to secure. Public clouds operate with a shared responsibility model, meaning that while the Cloud Service Provider (CSP) maintains the physical infrastructure and services, customer organizations are responsible for their own security and compliance in their cloud deployments.
This customer responsibility is crucial. Gartner forecasted that through 2025, 99% of cloud security failures would be the customer’s fault [2]. As cloud environments grow, security teams are taking on a greater share of the responsibility to protect these assets.
The many teams involved in cloud security
Several teams work across the cloud, and all of them can contribute to cloud security. For example, basic cyber-hygiene and Identity and Access Management (IAM) should be practiced across teams.
Not every organization has the same categorization of teams, but some common ones include:
- Security: assessing and mitigating vulnerabilities, risks, and threats. This team must be ready to identify, investigate, respond, and recover from incidents.
- Infrastructure and ITOps: deploying and maintaining resources. Security must be considered across all layers of the cloud, including gateways, identity, encryption, and attack surface.
- Research & development: building cloud-based applications. Security must be baked into code, referenced data, access, APIs, and third-party integrations.
- DevOps: improving the software development process. Security must be applied to code across the development and production stages.
- Compliance: adhering to industry standards and frameworks. Security often comes up in compliance regulations.
- End users: working in the cloud. Security must be taught through employee training sessions to adopt best practices and increase resistance against threats like phishing or data loss.
Traditionally, many organizations left cloud security to dedicated cloud teams. However, it is becoming more and more common for security teams to take on the responsibilities of securing the cloud. This is also true of organizations undergoing cloud migration and spinning up cloud infrastructure for the first time.
The complexity of cloud security
Most organizations using the cloud today have hybrid and/or multi-cloud deployments. Hybrid deployments combine public and private cloud environments and multi-cloud deployments use a combination of public cloud providers or regions where servers are stored. In fact, Deloitte reports that as many as 85% of businesses, a vast majority, use two or more cloud platforms, and 25% use at least five [3].
While these diverse deployments can boost resiliency, they also complicate security. Multiple environments increase the attack surface and reduce architectural visibility, making misconfigurations, unmanaged access, and inconsistent policies more likely. This complexity creates gaps in security that often require specialized teams and expert personnel to address.
Challenges driving security teams’ responsibility
The usual approaches to other types of cybersecurity can’t be applied the exact same way to the cloud. With the inherent dynamism and flexibility of the cloud, the necessary security mindset differs greatly from those for networks or data centers, with which security teams may be more familiar.
For example, IAM is both critical and distinct to cloud computing, and the associated policies, rules, and downstream impacts require intentional care. IAM rules not only govern people, but also non-human entities like service accounts, API keys, and OAuth tokens. These considerations are unique to cloud security, and established teams may need to learn new skills to reduce security gaps in the cloud.
Additionally, there are greater compliance pressures from GDPR, CCPA, and industry-specific regulations. While some companies have dedicated compliance teams, not every organization does and others are not always familiar with working in cloud environments. In these cases, responsibilities may fall to the security team.
Finally, there has been a rise in sophisticated, cloud-based threats, such as account takeovers and misconfigurations. Preparing, responding to, and recovering from these cloud-specific threats lie with the security team as well.
Learn more about the top risks and attacks faced in the cloud in the white paper: “Tackling the 11 Biggest Cloud Threats with AI-Powered Defense.”
Solutions empowering security teams
The leading role of security teams in cloud security can put a strain on existing resources as well as exacerbate skills gaps. In response, security teams can turn to AI-powered tools like Darktrace / CLOUD to provide real-time detection and response in cloud environments.
Darktrace uses multi-layered AI to learn normal ‘patterns of life’ for all users, technologies, and resources across the organization, enabling it to recognize the subtlest anomalies that point to an emerging threat.
The use of AI allows for automation that reduces manual workloads and saves teams time. The self-learning capabilities also help the human team detect subtle indicators that can be hard to spot amid the immense noise of legitimate, day-to-day digital interactions.
With these, Darktrace can respond to both known and novel threats, helping security teams keep pace with today’s sophisticated threats, even if team members feel less confident in cloud environments.
Crucially, Darktrace / CLOUD can enable proactive risk management as well. Attack Path Modeling for the cloud identifies exposed assets and highlights internal attack paths to give a dynamic view of the riskiest paths across cloud environments, network environments, and between – enabling security teams to prioritize based on unique business risk and address gaps to prevent future attacks.
Darktrace / CLOUD dynamically adjusts its focus based on evolving risks, analyzing misconfigurations, and anomalous activity to prevent potential attacks. Its Entitlement Enumeration capability helps security teams gain visibility into all identities, roles, and permissions, allowing dynamic adjustments to stop insider threats and lateral movement.
In these ways, the AI-powered Darktrace / CLOUD can support security teams as they take on the lion’s share of responsibility in securing the cloud, regardless of any resource limitations or skills gaps.
Conclusion
Cloud security is both vital under the shared responsibility model and complex with hybrid and multi-cloud deployments and strict regulatory demands. While many teams contribute to cloud security, more and more responsibilities are shifting to security teams specifically.
AI-powered solutions that can detect and respond to threats spanning a wide range of risks and attack types can support security teams as they protect dynamic cloud environments. By adopting real-time cloud detection and response tools, security teams have more time to dedicate to proactive projects and high-level tasks as well as reduced burden on less specialized team members.
Discover how advanced AI solutions like Darktrace / CLOUD can address evolving cloud security needs in the solution brief.
Read more about the latest trends in cloud security in the blog “Protecting Your Hybrid Cloud: The Future of Cloud Security in 2025 and Beyond.”
References:
1. Gartner, November 19, 2024, “Cloud End-User Spending to Total $723 Billion in 2025”
2. Gartner, October 10, 2019, “Is the Cloud Secure?”
3. Deloitte, December 6, 2022, “Above the clouds: Taming multicloud chaos”
Protect Your Hybrid Cloud
Discover how advanced AI solutions like Darktrace / CLOUD can address evolving cloud security needs in this solution brief
