Cloud Security and the Shared Responsibility Model

According to Gartner, “Through 2022, at least 95% of cloud security failures will be the customer’s fault.” With high chances of user error, limited security resources, and constantly evolving computing environments, commercial and public organizations identified the need for cybersecurity resources to help protect their data and workloads in the cloud.


Depending on what the organization’s cloud infrastructure looks like, the responsibility of security actions varies between the cloud user and the cloud service provider (CSP). Simply put, the shared responsibility model outlines what security actions an organization is responsible for and what security actions the CSP should manage.


The CIS Controls, CIS Benchmarks, and CIS Hardened Images offered by the Center for Internet Security, are three globally-recognized cybersecurity resources that can help cloud consumers meet the expectations of the shared responsibility model.