Skip to main content

A changing threat landscape: Security across public cloud and hybrid cloud

by Eamon McCarthy Earls
Assistant Editor,

Cybersecurity is the ultimate moving target. Companies operating resource on Microsoft Azure, including as part of hybrid cloud environments, face a constantly evolving threat landscape. At any moment in time they need to consider the complex interplay of dependencies, software vulnerabilities, AI, ransomware, phishing, nation state threats, and more.

MSCloudNews spoke with two cloud professionals about their approach to complex cloud security scenarios in 2023. They discussed the impact of hybrid cloud on security, DevSecOps, training, zero trust principles, and the need for greater education within IT organizations.

The shape of the threat landscape

Cloud uptake expanded rapidly as a result of widespread remote work during the Covid-19 pandemic. According to Gordon McKenna, CTO of Public Cloud at Ensono, most CIOs are opting for a cloud first strategy, but a significant portion of workloads remain hybrid because they are difficult to move to the cloud, resulting in added security complexities.

“[There are many examples of difficult to move workloads] such as mainframe systems or legacy workloads, [that] can be kept in on-premise datacenters, with high-speed connections to the public cloud," said McKenna. "These workloads quite often then become candidates for transformation projects, such as refactoring applications written in Cobol to .Net or Java, or re-written cloud natively or simply replaced by SaaS equivalents. The modern cloud provider and partners need to embrace these new scenarios and provide options that allow a customer to transition to ‘cloud-ready’ on-premise infrastructure as well as providing tooling and expertise to support the subsequent transformation paths."

Dwayne Natwick, Global Principal Lead at Atos, has written recently about the cloud security concerns of SMEs. From his conversations with those organizations, he concluded that bad actors will continue to be motivated to take advantage of a continued lack of understanding around protecting cloud infrastructure versus on-premises infrastructure.  "[There is particular exposure] for devices on the edge. There will be more focus on using AI and ML capabilities for threat hunting and response to harness understanding where attacks are coming from and identifying vulnerabilities and anomalies before they do any damage,” he told MSCN.

Responding to threats

FREE Membership Required to View Full Content:

Joining gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more. You can also receive periodic email newsletters with the latest relevant articles and content updates.
Learn more about us here

About Eamon McCarthy Earls

As the assistant editor at, Eamon helps to oversee editorial content on the site and supports site management and strategy. He can be reached at

Before joining, Eamon was editor for at TechTarget, where he covered networking technology, IoT, and cybersecurity. He is also the author of multiple books and previously contributed to publications such as the Boston Globe, Milford Daily News, and DefenceWeb.