Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Membership Benefits
Our Member Community
Get Involved
Become a Member
Member-Exclusive Programs
STAR Enabled Solutions
Trusted Cloud Consultant
Trusted Cloud Provider
Certified STAR Auditors
Member Portal
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Education Platforms
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Chapters
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Cloud Security Glossary
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Submit a Peer Review for the AI Controls Matrix—a groundbreaking framework to address AI risks and strengthen security.

How to Secure Cloud Environments and Minimize Data Breach Risks

Published 01/10/2025

Home
Industry Insights
How to Secure Cloud Environments and Minimize Data Breach Risks

Originally published by Tenable.

Written by Gad Rosenthal.


The rapid shift to cloud computing has transformed how organizations manage and store their data. But as cloud adoption has grown, the risks have been heightened as well. Seeing opportunity, cybercriminals are increasingly targeting cloud environments, exploiting vulnerabilities such as weak access controls, misconfigurations, and unpatched systems.

To ensure the security and integrity of cloud-based assets and prevent data breaches, organizations need a comprehensive approach that anticipates risks.


The growing cloud threat landscape

Cloud environments are attractive targets for attackers because they’re scalable and often house vast amounts of sensitive data. Those attackers like to use social engineering to gain access to sensitive resources by means of social engineering, utilization of exposed credentials to gain access to sensitive resources, misconfigurations and unpatched software. Such tactics underscore the need for robust employee training.

With many organizations adopting multi-cloud strategies, consistent security is harder to maintain. So, identifying and addressing these risks is essential to strengthening cloud defenses.


Five key steps to protect cloud environments

Tenable recommends five ways to build and maintain a strong security posture:

  1. Adopting cloud data security posture management (DSPM) tools: DSPM solutions provide continuous monitoring and automation to identify sensitive data in multi-cloud environments. These tools, which discover and classify sensitive data, enabling the triage process. As a result, they improve visibility into data exposure and usage.
  2. Performing ongoing risk assessments: Use an agentless cloud security platform to perform regular scans and identify exposures such as CVEs, misconfigurations, over-permissive access and policy violations before they are exploited. Generate a baseline of security posture and identify trends and changes over time.
  3. Strengthening identity and access management (IAM): Robust IAM controls that include multi-factor authentication and least-privilege access are critical. Regular audits and updates to standing permissions minimize the risk of insider threats or account compromises.
  4. Patching and updating regularly: Outdated software is a common entry point for attackers. A disciplined patch management process ensures systems and applications remain secure. Automation can streamline this process for timely updates.
  5. Educating employees on security best practices: Human error is a leading vulnerability in cybersecurity. Regular training helps employees recognize threats such as phishing attempts and use strong passwords, fostering a culture of security awareness.


Beyond basics: Advanced measures for cloud security

For organizations that handle highly sensitive data or operate in heavily regulated industries, advanced security practices may be necessary:

  • Zero trust architectures enforce strict verification of every user and device that attempts to access resources, regardless of their location or network.
  • Encryption of sensitive data at rest and in transit will ensure it remains secure even if intercepted. It is also a best practice to employ access policies and encryption at the object level.
  • Continuous monitoring tools provide real-time insights into cloud activities, which enables faster detection and response to anomalies. Advanced monitoring and remediation tools should integrate with existing investments like SIEM/SOAR systems.Integration can increase efficiencies and can further enhance continuous monitoring by aggregating logs and events across multiple platforms for a holistic view of threats.


Why proactive cloud security matters

The financial and reputational costs of a data breach can be catastrophic. Lost customer trust, regulatory fines, and remediation expenses are significant risks to a business. By adopting a proactive approach to cloud security, organizations can reduce these risks and protect their most valuable assets.

Cybersecurity in the cloud is not a one-time effort but an ongoing process. Implementing robust tools, fostering a culture of awareness, and staying informed about emerging threats are key to maintaining a secure and resilient cloud environment.

For more information on securing cloud environments, watch this on-demand webinar: Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?


About the author

Gad Rosenthal is a senior product manager at Tenable, specializing in advancing data security posture management (DSPM) solutions. He joined Tenable through its acquisition of Eureka, a cloud data security company. Gad built his cybersecurity expertise stems over a diverse career, including roles at Microsoft, Siemplify (now part of Google), and Imperva.

Data SecurityEnhancing cloud security strategyIdentity and Access ManagementRisk ManagementZero Trust

Share this content on your favorite social network today!

Core Cloud
Related Resources
Top Threats to Cloud Computing
The eleven salient threats, risks, and vulnerabilities in the cloud.
Certificate of Cloud Security Knowledge (CCSK)
The industry's standard cloud security credential.
Corporate Membership
Gain knowledge and connections in the cloud industry.
Latest from CSA
Register for CSA’s Virtual FinCloud Security Summit
Key Management for Public Cloud Migration
Cloud Security for Startups 2024
Secure your cloud data with Zero Trust Training
Related Articles:
Next-Gen Cybersecurity with AI: Reshaping Digital Defense

Published: 01/10/2025

Let’s Go Back to the Basics: How ISO 27001 Certification Works

Published: 01/09/2025

What is Protocol Break? A Deep Defense to Isolate Attackers in the Cloud

Published: 01/09/2025

Adapting Strong IAM Strategies to Combat AI-Driven Cyber Threats

Published: 01/08/2025