IT security teams worry about the public clouds

05.29.2025 09:27 AM - By Brian S. Pauls
Executive Summary:
An increase in attacks by AI agents on the public clouds concerns IT security professionals, with some advocating retrenchment back to on-prem "private clouds." But if you're a small or mid-sized business without the money and expertise to create and properly secure your own private cloud, you may still be better off betting on the security resources of the hyperscalers to protect your data.

In 2021 I wrote the article "Yes, your data is safer in the cloud." Last week, Security Brief Australia warned IT security professionals "are actively considering moving data back from public to private cloud due to security concerns."


What's going on?


Data from the Gigamon 2025 Hybrid Cloud Security Survey indicates an increase in AI-driven attacks lies behind these fears. Last month, Security Week reported, bots now generate the majority of Internet traffic. The article states "[t]hirty-seven percent of this is malicious (bad bots), while only 14% are good bots."


While this sounds alarming, decision-makers at small and mid-sized businesses should think carefully before embarking on a retreat from the Cloud. Just pulling your data back to an on-premise server, like it's still the early 2000s, is no guarantee of protection. And it still carries all the risks the public clouds eliminate. A private cloud isn't just a server--it's an entire infrastructure environment, complete with the security required to shield private users against the same threats targeting the public clouds.


Which brings us back to the point of my original article. Do you want to bet on your ability to secure your own online cloud platform against what Microsoft, Amazon, and Google bring to the table?


An alternative is to properly secure your data in the public clouds, using the capabilities the hyperscalers have already included in their environments. Last month, SentinalOne published a list of twenty-five best cloud security practices. And while they would really like you to subscribe to their Singularity solution, the measures they list should be helpful to anyone serious about protecting their public cloud data.


But I realize I don't know what I don't know. Perhaps AI represents a fundamental shift in the balance between the benefits of the public clouds and the risks posed by their high profiles. To make sure I'm considering all sides of the issue, I'm arranging to interview Mike Jackson with Pendello Solutions, a security-conscious managed-services provider helping small and mid-sized businesses deal with this issues on day-to-day basis. More to come soon.


Next Steps:
Share With — 
vCTO, CIO, CISO

Action Items — 
  • Review SentinalOne's best practices for cloud security with your vCTO, managed services provider, or in-house IT staff.
  • Shore up any vulnerable spots in your cloud-data defenses.
  • Stay-tuned for my interview with Mike Jackson from Pendello Solutions.
Brian S. Pauls

Brian S. Pauls

Founder & vCTO Cloudessy

Brian is a serial entrepreneur with an extensive background in information technology, including more than thirty years working with what we now call "the Cloud," as well as networks and server infrastructures.

Tags :
Categories :