In any conversation about responsibilities regarding the security of the cloud, as opposed to security in the cloud, it is the cloud provider's responsibility to furnish the security and integrity required to deliver on the cloud's promises of flexibility, choice, and ease of deployment. However, cloud-native integrity cannot stop at the security of the cloud;the greater challenges are not found on the provider's side of the shared responsibility model. Instead, they lie with the consumers of the cloud and addressing what they deploy and run on an infrastructure or as a service.

We've all had a front-row seat to the growing attack surface and the damage wreaked on it by advanced malware threats such as ransomware as a service (RaaS). The fall out includes economic disruptions, information held hostage, exposure of personally identifiable information (PII), and potential compliance liabilities related to GDPR and other regulations. Compliance is particularly relevant for the financial services sector as banks have been disproportionately targeted by cybercriminals. Accelerated by the pandemic, somein-branch services moved to digital platforms and some in-person manual processes shifted to bots,increasing both efficiency and future proofing. However,as digital options increase, security budgets are being cut, which leaves the door open to more exposures. In this new normal, automated cloud-native security services and testing need to be employed and thought of as part of system health.