The 180°

The 180°

Share this post

The 180°
The 180°
Exploring Cloud Security & AI with Women in Cybersecurity (WiCys)
Copy link
Facebook
Email
Notes
More
User's avatar
Discover more from The 180°
Exploring ideas, reflecting and sharing learnings.
Already have an account? Sign in

Exploring Cloud Security & AI with Women in Cybersecurity (WiCys)

Grace Gong's avatar
Grace Gong
Apr 05, 2025
1

Share this post

The 180°
The 180°
Exploring Cloud Security & AI with Women in Cybersecurity (WiCys)
Copy link
Facebook
Email
Notes
More
Share

I recently attended Kavitha Bangalore's presentation on Cloud Security & AI at a Women in Cybersecurity (WiCys) event, and will share key takeaways that highlight the evolving relationship between cloud technologies, security challenges, and AI-driven solutions.

The Cloud Revolution: Context and Scale

The cloud computing landscape has reached unprecedented levels of adoption across organizations of all sizes. More than 90% of organizations now leverage cloud services, with global cloud spending reaching nearly $600 billion in 2023 according to Gartner. The adoption is particularly striking among enterprise organizations, where the rate exceeds 94% as reported by RightScale. The business case for cloud adoption is compelling - from boosting gross margins and profitability (Wipro FullStride) to generating more revenue (Infosys), achieving faster time to market (IBM), and even reducing carbon emissions by 84% (Accenture). Perhaps most interestingly, 6 in 10 CxOs believe cloud computing actually improves security (Oracle) - a perspective that highlights the nuanced relationship between cloud adoption and security challenges.

Retrospective on Cloud Security Attacks

We explored some examples of cloud security breaches and how they reveal critical vulnerabilities in cloud infrastructure. While I won't be listing all of them, one notable example is the Aviatrix VPN Vulnerability from 2021, where this cloud networking company faced a critical security vulnerability in their VPN software that could allow remote code execution. Security researchers discovered that the Aviatrix VPN client for Linux contained a flaw allowing attackers to execute arbitrary code with root privileges. The vulnerability stemmed from improper input validation and insufficient access restrictions in their cloud management interface. This case highlighted how even specialized cloud security providers can have serious vulnerabilities in their infrastructure that require prompt patching and remediation.

Defensive Strategies in Cloud Security

Kavitha's presentation emphasized several critical focus areas for cloud security defense. Understanding the Shared Responsibility Model is crucial, as cloud security operates on a shared responsibility framework where providers secure the infrastructure while customers must secure their data, applications, and access controls. Managing the expanding attack surface is also essential, as organizations rapidly adopt cloud services, the attack surface inevitably expands, requiring comprehensive visibility and control mechanisms. Implementing robust authentication and access controls is critical, as breaches often demonstrate the importance of proper authentication and strictly limited permissions following the principle of least privilege. Addressing configuration management is equally important since many cloud breaches stem from misconfigurations rather than sophisticated attacks, making continuous configuration assessment and compliance monitoring essential. Regular security assessments should be conducted as proactive testing and assessment of cloud environments can identify vulnerabilities before attackers do.

Role of AI in Proactive Cloud Defense

The increasing complexity of cloud environments and the rapidly evolving threat landscape make AI an essential component of modern cloud security strategies. AI-powered security solutions offer anomaly detection capabilities, where machine learning algorithms that establish baseline behaviors can identify unusual patterns that might indicate security breaches. These solutions also provide automated response capabilities, as AI systems can initiate predefined responses to security incidents, containing threats before they spread. Predictive security is another benefit, with advanced AI analyzing patterns to predict potential vulnerabilities and attack vectors before they're exploited. Configuration analysis is enhanced through AI tools that continuously scan cloud configurations to identify misalignments with security best practices.

Future Trends and Challenges

Looking ahead, Bangalore highlighted several emerging trends in cloud security. Zero Trust Architecture is becoming essential in cloud environments where traditional network boundaries are obsolete, following the principle of "never trust, always verify." DevSecOps Integration ensures security is integrated throughout the development lifecycle rather than added as an afterthought. Compliance Automation is growing in importance as regulatory pressures increase, making automated compliance monitoring and reporting standard practice. Security is increasingly recognized as a business priority, with organizations elevating security from a technical concern to a business imperative, as evidenced by the significant business impacts of cloud security failures.

As cloud adoption continues to accelerate, organizations must balance innovation with robust security practices. By understanding common attack vectors, implementing comprehensive defensive strategies, and leveraging AI for proactive protection, businesses can safely navigate the cloud landscape while minimizing security risks.


Subscribe to The 180°

By Grace Gong · Launched 3 years ago
Exploring ideas, reflecting and sharing learnings.
1

Share this post

The 180°
The 180°
Exploring Cloud Security & AI with Women in Cybersecurity (WiCys)
Copy link
Facebook
Email
Notes
More
Share

Discussion about this post

User's avatar
Im a WTM Mentor!
As someone who has experienced firsthand the power of mentorship in tech, I’m honored to now guide three early-career professionals on their journeys…
Nov 19, 2024 • 
Grace Gong
5

Share this post

The 180°
The 180°
Im a WTM Mentor!
Copy link
Facebook
Email
Notes
More
1
Year in Review
I'm grateful for the opportunities, people, and experiences that have shaped my year.
Dec 31, 2024 • 
Grace Gong
3

Share this post

The 180°
The 180°
Year in Review
Copy link
Facebook
Email
Notes
More
Our Google Developer Student Club (GDSC) Cloud Workshop at HackWestern 2024!
UWO GDSC presented at HackWestern and provided tools to get started with Google Cloud Skillsboost and Google Cloud Platform (API’s etc.,) !
Nov 29, 2024 • 
Grace Gong
3

Share this post

The 180°
The 180°
Our Google Developer Student Club (GDSC) Cloud Workshop at HackWestern 2024!
Copy link
Facebook
Email
Notes
More

Ready for more?

© 2025 Grace Gong
Privacy ∙ Terms ∙ Collection notice
Start writingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More

Create your profile

User's avatar

Only paid subscribers can comment on this post

Already a paid subscriber? Sign in

Check your email

For your security, we need to re-authenticate you.

Click the link we sent to , or click here to sign in.