Strategic Shifts in Enterprise Cybersecurity Preparedness and Cloud Risk Management
Enterprise organizations are increasingly recognizing the convergence of cyber and operational risks, particularly as reliance on cloud infrastructure grows. Recent high-profile outages, such as the AWS US East 1 incident, have demonstrated that disruptions—whether caused by technical failures or cyberattacks—can have similar operational and reputational impacts. Security leaders are urged to prioritize preparedness, scenario planning, and governance to address these challenges, as traditional backup architectures may not be sufficient to mitigate the cascading effects of cloud service failures. The growing adoption of hybrid and multi-cloud environments, driven by business needs and AI integration, further complicates risk management, requiring organizations to adapt their security strategies to address the unique challenges posed by cloud diversity and complexity.
Surveys and expert commentary highlight that a majority of organizations now depend on hybrid or multi-cloud strategies, with a significant portion planning further cloud adoption. This shift necessitates a holistic approach to cloud risk, emphasizing the importance of resilience, compliance, and proactive risk mitigation. Security teams must navigate the increased attack surface and operational dependencies introduced by cloud environments, ensuring that both technical and organizational measures are in place to manage and contain cloud-related risks effectively. The evolving landscape underscores the need for continuous adaptation of cybersecurity strategies to safeguard critical business functions in an era of ubiquitous cloud reliance.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
Trend Micro publishes Defenders Survey Report 2025 on cloud risk
Trend Micro reported that hybrid and multi-cloud environments are now standard for most organizations, with 70% of respondents relying on cloud services for IT needs, and identified cloud visibility, data loss, and tool fragmentation as major security challenges. The report recommends a more integrated platform approach to managing cloud and AI-related risk.
Deluxe unifies disaster recovery and cyber response exercises
In response to lessons from major outages, Deluxe integrated its disaster recovery and cyber incident exercises, expanded dependency mapping to include third-party SaaS providers, and improved coordination across IT, cybersecurity, business continuity, and vendors.
AWS US East 1 outage highlights resilience gaps
A large-scale service outage in AWS's US East 1 region demonstrated that technical failures can disrupt organizations in ways similar to cyber incidents, underscoring the business impact of cloud dependency. The reference does not provide a specific outage date.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Cloud Security Risks and Organizational Adaptation
Misconfigured cloud services continue to pose significant security risks for enterprises, with a recent Qualys report revealing that a large percentage of virtual machines across AWS, GCP, and Azure have improperly configured resources. Security experts highlight that while organizations often enable some cloud security features, critical controls such as logging, monitoring, and multi-factor authentication are frequently neglected, increasing the likelihood of breaches. The report also notes that 28% of surveyed professionals experienced a cloud or SaaS-related breach in the past year, and 24% identified misconfiguration as the top risk to their cloud environments. As cloud adoption accelerates, organizations are restructuring IT teams to address these evolving security challenges. There is a marked increase in demand for specialized roles such as cloud security architects, system administrators, data architects, and governance/compliance managers. These roles are essential for designing secure cloud infrastructures, managing configurations, ensuring regulatory compliance, and responding to incidents, reflecting a broader industry trend toward prioritizing cloud security and governance as core business objectives.
Mar 21, 2026
Common Security Challenges and Best Practices in Cloud and Hybrid Environments
Organizations increasingly face complex security challenges as they migrate data and operations to public cloud services such as AWS, Azure, and Google Cloud Platform. One company experienced a near-miss incident when a developer accidentally exposed a customer database on AWS S3, highlighting the critical importance of default encryption and strict access controls. Security teams learned that enabling server-side encryption in AWS, Storage Service Encryption in Azure, and Cloud Storage encryption in GCP is essential for protecting sensitive data at rest and in transit. The principle of least privilege proved vital, with careful management of IAM roles in AWS, RBAC policies in Azure, and Cloud IAM in GCP preventing unnecessary access. Automated security monitoring, using tools like AWS CloudTrail, Azure Monitor, and GCP Cloud Audit Logs, is necessary to detect and respond to suspicious activity or configuration changes in real time. In another case, a company discovered the risks of an unplanned hybrid cloud environment, where data was scattered across AWS, a private data center, and Google Cloud due to decentralized adoption by different departments. The lack of visibility into data locations created a significant security blind spot, prompting the implementation of a unified dashboard to track all assets. The disappearance of the traditional network perimeter in hybrid environments led to the adoption of single sign-on (SSO) and multi-factor authentication (MFA) across all platforms, ensuring secure access regardless of location. Both experiences underscored the need for coordinated security strategies and cross-departmental collaboration to manage cloud and hybrid environments effectively. Security teams must recognize that identity management is now the primary defense, requiring robust authentication and authorization mechanisms. The stories also illustrate the importance of rapid incident response and the value of learning from near-miss events to strengthen future defenses. Regular audits, continuous monitoring, and proactive policy enforcement are necessary to maintain security in dynamic cloud and hybrid infrastructures. Organizations are advised to treat cloud security as an ongoing process, adapting to new threats and technologies as they emerge. The lessons learned from these incidents are applicable to any organization leveraging cloud services, regardless of size or industry. Ultimately, a combination of technical controls, organizational policies, and user education forms the foundation of effective cloud and hybrid security. By prioritizing visibility, access management, and automated monitoring, companies can reduce the risk of data breaches and maintain customer trust. These best practices are essential for safeguarding sensitive information in today's interconnected digital landscape.
Mar 21, 2026
Expanding Cyber Risk Across Connected Assets and Supply Chains
Organizations are facing a rapidly evolving cyber risk landscape as the boundaries between IT, operational technology (OT), Internet of Things (IoT), and supply chain systems blur. The proliferation of connected devices, such as cameras, badge readers, HVAC systems, and factory controllers, has significantly increased the attack surface for enterprises. Business demands have driven the integration of IT, OT, and IoT, enabling telemetry to inform analytics and automation, but also concentrating dependencies on critical control planes like cloud consoles and APIs. This interconnectedness means that a single compromised identity provider, software updater, or remote management tool can serve as a single point of failure, potentially impacting thousands of endpoints and critical business processes. Security leaders emphasize the importance of maintaining a living inventory of assets, applying least privilege principles, and segmenting networks by function and criticality to mitigate these risks. Unknown or unmanaged devices should be treated as unsafe until proven otherwise, and where devices lack robust security features, organizations are advised to broker connections through secure gateways. The challenge is compounded by resource constraints and the long lifecycles of many IoT and OT devices, which often cannot be easily updated or replaced. The expansion of cyber risk also extends to the supply chain, where third-party vendors, contractors, and service providers can become entry points for attackers. Recent high-profile breaches have demonstrated that adversaries exploit trusted relationships to infiltrate organizations, with the fallout often affecting the victim company regardless of where the breach originated. This complexity is frequently invisible to the public and regulators, leading to reputational damage and loss of narrative control for affected organizations. Effective cyber readiness now requires extensive preparation, including scenario exercises, communication planning, and training to operate under pressure. The shift from endpoint-centric to control plane-centric risk management reflects the need to address the realities of modern, interconnected business environments. Organizations must adopt an "assume breach" mindset and focus on resilience and recovery planning, not just prevention. The evolving threat landscape demands that security strategies account for the full spectrum of connected assets and the intricate web of dependencies that define today's enterprises. As the definition of cyber risk continues to expand, so too must the approaches to visibility, segmentation, and incident response. Ultimately, the ability to manage and recover from cyber incidents hinges on preparation, visibility, and the recognition that every connected asset and relationship represents a potential risk vector.
Mar 21, 2026