Podcast series: The Security Strategist

Guest: Amit Megiddo, CEO and Co-Founder, Native

Host: Richard Stiennon, Chief Research Analyst at IT-Harvest

In a recent episode of The Security Strategist Podcast, Amit Megiddo, CEO and Co-Founder of Native, joins host Richard Stiennon, Chief Research Analyst at IT-Harvest, to discuss a growing challenge in enterprise cloud security. Enterprises are investing heavily in cloud providers’ built-in controls, yet risk persists when those controls are not consistently enforced across complex environments.

According to Megiddo, the problem isn't a lack of tools, but a failure to make them work effectively. Drawing on his experience launching Amazon GuardDuty at Amazon Web Services, the Native CEO explains that enterprises have hit a tipping point. The challenge is no longer about visibility. It is about executing at scale across complex multi-cloud environments.

What is the Execution Gap in Cloud Security?

Cloud providers such as Amazon Web Services, Microsoft Azure, Google Cloud, and Oracle Cloud offer a wide range of built-in security features. Yet, as Megiddo points out, most enterprises are only using a small part of what is available.

“The easy part is turning controls on,” he says. “The hard part is making sure they consistently deliver security results.” This is where many enterprises struggle. Security teams create policies, but platform teams carry them out. In the process, vital context is lost. The result is a disjointed approach where risks are identified but not effectively managed.

Megiddo calls this the “execution gap.” It is a fundamental issue in how enterprises handle cloud security. Even with sophisticated CSPM and CNAPP tools, organisations remain mostly reactive: they rely on detecting and fixing problems instead of preventing them.

How to Move From Detection to Policy-Driven Enforcement

The podcast spotlights a key shift in enterprise security strategy – moving from detection controls to proactive, policy-driven enforcement. Conventional methods focus on spotting issues—like unencrypted or publicly exposed data—and then starting remediation processes. However, as cloud environments grow, this method becomes untenable.

Megiddo suggests embedding security directly into the architecture:

  • Preventing non-compliant resources from being created
  • Designating approved regions for workloads
  • Enforcing network isolation rules for sensitive environments, such as AI training workloads

This “secure-by-design” approach turns security from a reactive task into a core operational control. However, implementing this is not easy. Enterprises must translate high-level policy goals into thousands of low-level settings across various cloud providers, each with its own APIs, services, and policy frameworks.

“It’s not just about writing the policy,” Megiddo emphasises. “It’s about safely rolling it out, simulating impact, managing exceptions, and ensuring it stays enforced over time.”

This creates new operational needs such as simulation tools, drift detection, real-time developer feedback, and automated exception handling. Essentially, cloud security becomes a continuous process rather than a one-time setup.

Why is the Unified Control System Critical?

The main takeaway for enterprise leaders is that cloud security is no longer just about managing risks; it is becoming a competitive edge in the market. As major providers continue to invest heavily in native security features, the real differentiator will be the ability to coordinate and enforce those tools effectively.

Megiddo’s vision is straightforward: a unified control system that lets enterprises define security intent once and apply it consistently across cloud and hybrid environments.

In an industry shaped by AI, multi-cloud complexity, and rapid digital changes, this ability could determine how quickly—and securely—enterprises can progress. For CISOs and IT leaders, the message is clear: the future of cloud security lies not in observing more, but in doing more—with precision, consistency, and scale.

Key Takeaways

  • Shift from detection to proactive, policy-driven cloud security to reduce risk.
  • Multi-cloud across Amazon Web Services, Microsoft Azure, and Google Cloud requires unified enforcement.
  • CISOs need tools that turn security policy into automated controls.
  • Secure-by-design cloud architecture protects AI and enterprise workloads.
  • Strong cloud security execution drives scalability and resilience.

Chapters

  • 00:00 The Cloud Security Landscape
  • 03:11 Challenges in Implementing Cloud Security
  • 08:00 Transitioning to Proactive Security
  • 12:26 The Evolving Role of Security Leaders
  • 16:42 Future Trends in Cloud Security

For more information, please visit em360tech.com and native.security

Follow: @EM360Tech on YouTube, LinkedIn and X

Native LinkedIn: https://www.linkedin.com/company/native-security/
