9 Questions You Should Ask About Your Cloud Security


In a brief video explainer and commentary, Josh Stella, chief architect at Snyk and founding CEO of Fugue, a developer-first cloud security SaaS company, advises business and security leaders on why relying on “checkbox security” approaches in the cloud leaves them vulnerable to attack.

This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20220513005085/en/

In order for business leaders and cybersecurity professionals to gain the knowledge they need to thwart the hackers constantly targeting their cloud infrastructure and applications, they need to think like General George S. Patton (or rather like George C. Scott, the actor who won the Best Actor Oscar for his portrayal of the general in the 1970 film “Patton”).

In an early scene, the camera focuses on a book Patton is reading by German General Erwin Rommel. The point is to show how Patton does not rely solely on military intelligence to plan the next battle. He’s being proactive in learning as much as he can about how his adversary thinks and operates. The next scene depicts Patton’s troops launching a devastating attack on German tanks and infantry. Peering through his binoculars, Patton smiles and yells “Rommel, you magnificent (expletive), I read your book!”

So too must business and security leaders be proactive in gaining as much knowledge as they can about hackers’ motivations and tactics. Do not rely only on what your security solutions are telling you because that will only give you a false sense of security. Every day, hackers are sidestepping security perimeters, crossing arbitrary boundaries, and evading security solutions to ultimately get at the data they want without detection.

Your adversaries are probably not going to write books about their methodologies for you to study. So, here are nine questions that all senior executives (CISOs, CIOs, CEOs) need to ask about their cloud security and that their cloud security teams should know the answers to at all times.

1. How out of compliance is our cloud environment?

No enterprise organization operating in the cloud has an environment that’s 100% in…