As organizations move more workloads into cloud environments, security professionals are wondering why cloud security seems so difficult. They face challenges with visibility and attribution that arise from trying to validate and measure security posture in an environment where they have little to no control.
This is not a new problem. We’ve been outsourcing and using co-location providers and other third-party arrangements for years. Now, however, we have a highly scalable and dynamic service infrastructure, and in most cases, we share resources with other organizations. The good news is that today, there are many more options for security controls in the cloud, ranging from vendor solutions to cloud-native offerings from the providers themselves.