All companies use third party cloud providers. A lot of legacy companies have been shutting down data centers to move to the cloud. So there isn’t a question of whether why your data is in the cloud. It’s going to be in the cloud.
And honestly, I think I'd rather trust cloud providers with the data than the remnants of a decimated IT team in a large enterprise that's struggling to maintain their own on-prem infrastructure that's super old and probably not up to date on patches.
The problem is then you have even fewer technically-competent people internally to actually manage the cloud, and combined with AWS's many documented footguns it's not clear to me the "new normal" is actually any better for security.
You go from being a potentially-small-fry target to getting your data collated in massive breaches. There's risks to both.
That’s the thing though - this was a snowflake breach. It’s not an AT&T miss because of their decimated sw engineering teams. Snowflake has much better sw engineering than AT&T.
AT&T was not using MFA, while it was possible. Someone leaked credentials and this is the result. Only thing Snowflake could have done was to force MFA for everyone.
