Elizabeth Taruvinga, cyber security training and advisory at Bright Wyze Training and Advisory Solutions.
Businesses rely on the cloud to store data and support daily operations, but this also means exposure to cyber security threats. Regular security assessments are critical to mitigate risks, says Elizabeth Taruvinga, cloud security expert at Bright Wyze Training and Advisory Solutions.
Speaking at the ITWeb Cloud and Data Centre Summit 2025, hosted recently at The Forum in Bryanston, Taruvinga emphasised that cloud security assessments are crucial to evaluate the security posture of cloud environments by identifying potential vulnerabilities and threats.
This is important to maintain customer trust and brand sustainability, Taruvinga added. “Cloud security assessments aim to mitigate key risks, including insecure APIs, malware infections, account hijackings, data breaches, data loss and insider threats.”
Taruvinga said assessments can be done using automated tools or manual testing. This testing involves several steps, including:
-
Identifying security risks: Uncovering compliance gaps, weak configurations and policy violations that could expose the organisation to threats.
-
Enabling real-time monitoring: Real-time monitoring tools like Prisma Cloud or Microsoft Defender for Cloud to continuously scan the environment for threats. These tools generate alerts for suspicious activities, such as unauthorised access attempts, data exfiltration or unusual traffic patterns.
- Generating actionable reports: Producing detailed reports on vulnerabilities, compliance status and risk exposure. The reports can serve as a baseline for tracking improvements and communicating findings to stakeholders.
“Cloud security assessments can be provided by an in-house team with the necessary skills or outsourced to a third-party provider. When outsourcing, it’s essential to conduct thorough vendor due diligence, considering factors such as vendor reputation, past successful work and regulatory compliance,” Taruvinga added.
While global brands like Microsoft are known for having high levels of cloud security, Taruvinga cautioned: “The cloud’s security posture can only be determined after a cloud security assessment, and controls differ for each environment.”
She advised business leaders to stay updated on the latest trends and technologies in cloud security, especially the use of AI in cloud security assessments.
“This is becoming increasingly popular. AI provides real-time insights and enhances threat detection,” Taruvinga added.
She concluded with a call to action for IT professionals to focus on “speaking business language” when explaining the link between assessments and business goals.
This will help businesses take proactive steps to protect their digital assets and ensure the security and integrity of their cloud environments.
“Securing digital assets is crucial for business continuity, operational stability and reputational integrity.”
