Page 179 - Cyber Defense eMagazine September 2025
P. 179
cyber-attacks. Common and avoidable causes of cloud-related breaches include misconfigurations,
unsecured data repositories, and poorly managed user access controls.
Cloud infrastructure often involves multiple service providers and complex deployment models, such as
hybrid or multi-cloud architectures. Each additional layer of abstraction and third-party involvement
makes it more challenging to maintain consistent security controls. Without full visibility into these
environments, it is difficult to assess real-time exposure, enforce compliance, and respond quickly to
incidents.
Zero Trust, Full Protection: Monitoring Encryption & Data Protection in the Cloud
The Zero Trust Cybersecurity framework is established on the principle that no user, device, or system
should be trusted by default- even within an organization’s internal network.
Fintechs transmit, store, and process sensitive data in the Cloud Environment including but not limited
to- Personally Identifiable Information (PII) and Payment Card Information (PCI) based on their product
and service offerings.
With Zero Trust, stringent verification must occur before access to any DB or application in the Cloud,
encryption protocols must be continuously monitored for Data-At-Rest (DAR) and Data-In-Transit is
required.
Understanding How Zero Trust Architecture Functions
The Zero Trust model is founded upon the National Institute of Standards and Technology (NIST) 800-
207 framework established on three fundamental principles- “Never Trust, always verify”, Least Privilege
Access, and Assume Breach.
The implementation of a Zero Trust framework involves incorporating advanced technologies, including;
Risk-based Multi-Factor Authentication (MFA)- verifies user identities, Identity Protection- for user
Cyber Defense eMagazine – September 2025 Edition 179
Copyright © 2025, Cyber Defense Magazine. All rights reserved worldwide.
