Cloud computing was the lifeline that kept many companies running during the pandemic. But it was a classic case of medicine that comes with serious side effects.

Having anywhere, anytime access to data and apps gives companies tremendous flexibility in a fast-changing world, plus the means to scale and customize IT at will. The cloud is an asset or upgrade in almost every way.

With one glaring exception: cybersecurity.

The cloud promised to make companies more secure and security more straightforward. Yet over the same time period that the cloud took over computing, cyber attacks grew steadily worse while security teams felt increasingly overwhelmed.

Why?

We will explain shortly. For lean security teams, the more important question is how to make cloud security work, especially as the cloud footprint grows (a lot) faster than security resources. Will the cloud always cast a shadow on cybersecurity?

Not with the strategy outlined in a free ebook from Cynet called “The Lean IT Guide to Cloud Security“. It explains how security teams with less than 20, 10, or even 5 members can make cloud security work from here forward.

Storms Brewing in the Cloud

The “cloud rush” prompted by the pandemic certainly caught hacker’s attention. Attacks on cloud services rose 630% in 2020 and topped on-premises attacks for the first time. The sudden increase in cloud adoption explains some of that uptick – the cloud was a larger target than before. But this really had nothing to do with the pandemic.

It was only a matter of time before hackers started relentlessly targeting the cloud, now costing businesses $3.8 million on average with each successful breach.

Clouds look to hackers like prime targets, more appealing than almost any other.

On the one hand, clouds house huge stores of valuable data along with mission-critical applications. They are where the valuable targets live, so they’re an obvious, even inevitable attack vector.

On the other hand, clouds either complicate or compromise many of the cyber defenses already in place, while coming with complicated defensive requirements of their own. Many cloud environments end up insecure, making them an easy attack vector as well.

As long…