Managed Detection and Response

Cloud-Based Cyber Security: Understanding the Shared Responsibility Model

The allocation of cyber security responsibility between cloud vendors and their customers is commonly misunderstood. We take a look at clarifying some misconceptions and explore how our MDR for Cloud service can help bolster your cyber security.

Written by

Team Nucleus

Written on

19th April, 2023


Cloud Vendors and Shared Cyber Security Responsibility

While cloud vendors usually have their own stringent cyber-security measures in place, organisations are still responsible for protecting their networks. If sensitive customer data is leaked or an organisation falls victim to a phishing or ransomware attack, it is the organisation that is ultimately culpable.

Furthermore, while data may be protected within the cloud, organisations are still vulnerable to endpoint attacks. This is because many of these endpoint devices do not have adequate levels of security protection, offering threat actors a multitude of entry points to attack.

The security threats related to cloud services are usually related to authentication and public APIs. While a strength of cloud services is their ability to make data sharing easy across organisations, this has simultaneously made it harder to identify unauthorised third parties.

Cloud Service Models and Responsibility Allocation

There is often confusion surrounding how much responsibility cloud service providers have for their customer’s cyber security. Below is a breakdown of the different types of cloud service provider and the associated allocation of responsibility for cyber security.

Infrastructure as a Service (IaaS)

IaaS is a form of cloud computing where the provider manages IT infrastructures such as storage, server and networking resources, providing virtualized computing resources via the internet. IaaS services usually allocate the least amount of responsibility onto vendors compared to other cloud service models.

The responsibility between customer and provider tends to vary but can be summarised by the following:

Cloud Vendor Security Responsibility: All infrastructure components

User Security Responsibility: Endpoints, user and network security, workloads and data, any application installed on the infrastructure.

Platform as a Service (PaaS)

PaaS is a form of cloud computing where the customer has access to the complete cloud platform, including hardware, software, and infrastructure. This allows customers to develop, run and manage applications. This allows customers to avoid investing in expensive IT infrastructure and software licenses.

Similar to IaaS, the responsibility between customer and provider tends to vary but can be summarised by the following:

Cloud Vendor Security Responsibility: Platform security (hardware and software)

User Security Responsibility: Endpoints, user and network security, workloads, applications developed on the platform.

Software as a Service (SaaS)

SaaS is a form of cloud computing that provides customers with applications over the internet, allowing organisations to use an application without the cost of investing in the infrastructure.

While SaaS usually attributes more security responsibility on the vendor compared to IaaS and PaaS, organisations are still responsible in securing multiple areas as summarised below:

Cloud Vendor Security Responsibility: Application Security

User Security Responsibility: Endpoints, user and network security, misconfigurations, workloads, and data.


With the threat of cyber-attacks continuing to grow exponentially, cyber security should be a top priority for organisations of all sizes. While cloud vendors do secure and protect data to an extent, they should not be relied upon entirely as a means of ensuring organisations are protected. Therefore, it is vital that organisations firstly understand the level of protection that their cloud vendors offer and, secondly, that they secure those areas of cyber security that are not included in their cloud service.

How we can help

With responsibility for cyber security ultimately still lying on the organisation, it is vital that a comprehensive security solution is adopted to mitigate the risk of cyber threats. Our Managed Detection and Response (MDR) for Cloud service provides complete visibility across public clouds, SaaS, and hybrid IT infrastructures. The service is run from our UK-based Security Operations Center (SOC) and manned 24/7 by our team of highly skilled Cyber Analysts. By utilising our service, we can help protect your organisation from:

  • Unauthorised Access
  • Misconfigurations
  • Suspicious User, Account and Application Activity
  • Unauthorised Data Sharing
  • Unpatched Vulnerabilities
  • Unusual Administrative Actions
  • File Access Monitoring
  • Phishing Detection

Our analysts can threat hunt across multiple cloud vendors including, but not excluded to, Amazon AWS, Microsoft, and Google.

Our service offers:

  • 24/7 Human-Led Threat Hunting
  • Rapid Alerting – in as little as 15 minutes
  • Threat Containment and Response
  • Recovery and Remediation Support
  • Secure Configuration Auditing
  • Government / Telco Grade Technology

By adopting our unique MDR service, you can feel reassured that your network is being monitored 24/7 by our highly skilled Cyber Analysts. While many cyber security services tend to rely on automation, our service combines technological intelligence with human expertise and intuition, leading to the ultimate cyber security solution that leaves no stone unturned.

Secure your network today with Telesoft by contacting us at:

Managed Detection & Response (MDR) Service

Let us resolve your cyber security challenges. Contact our team today.

Security Operations Center

Recommended Posts

Subscribe to Nucleus blog updates.

Subscribe to our newsletter and stay updated.

Subscribe to Nucleus