SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
57
#
Firewalls
#
Data Protection
#
Digital Transformation

Cloudflare, WatchGuard warn cloud security assumptions fail

Tue, 7th Apr 2026
Author image
By Sofiah Nichole Salivio, News Editor

Cloudflare and WatchGuard Technologies have urged organisations to rethink their assumptions about cloud security as World Cloud Security Day sharpens focus on emerging threats.

The vendors pointed to rising network attacks, identity-based intrusions, and the growing impact of artificial intelligence and quantum computing in an already complex risk environment.

Anthony Daniel, Managing Director for Australia, New Zealand and the Pacific Islands at WatchGuard Technologies, said many Australian organisations still overestimate the inherent safety of cloud platforms.

He warned that long-held beliefs about cloud infrastructure and data protection no longer reflect current attack patterns.

Volker Rath, field CISO at Cloudflare, said conventional cloud security advice now sits against a backdrop of rapidly shifting technology trends and threat vectors.

Both pointed to identity, access and configuration as key pressure points as businesses expand cloud use and expose more systems to the internet.

Assumptions under pressure

Many attacks now bypass traditional perimeter defences and instead exploit weaknesses in how users and devices connect to cloud applications, Daniel said.

"This World Cloud Security Day, Australian organisations need to address a critical misconception: that moving to the cloud means moving to something inherently secure. The assumption has been that if the platform is protected, the data is too, but that's no longer where most attacks begin."

He described a shift away from direct attacks on cloud platforms and towards the identity and access layer.

WatchGuard telemetry indicates growing levels of automated scanning and probing of exposed infrastructure linked to cloud services.

According to Daniel, adversaries now study authentication paths and configuration settings as closely as they once probed operating systems and databases.

Small lapses in security hygiene can provide initial access, he said, including unmanaged devices, weak remote-work controls and overlooked settings in cloud dashboards.

Network probing rises

WatchGuard's Threat Lab recorded a significant volume of network-based attack attempts against Australian organisations late last year.

Daniel said the ratio of blocked network attacks to malware detections shows how threat actors search for gaps in cloud-linked infrastructure at scale.

"Attackers are no longer focused on breaking into the cloud itself but are instead targeting the ways in which it is accessed, exploiting compromised credentials, unsecured devices and misconfigured services to gain entry, after which the cloud becomes part of the attack surface rather than a layer of defence."

In one quarter, Threat Lab data showed more than 96,000 network attacks blocked against Australian targets, more than 10 times the number of malware detections.

That pattern, Daniel said, reflects persistent reconnaissance and exploitation attempts against internet-facing systems and cloud-connected environments.

Adversaries are increasingly targeting identity controls, remote access gateways and configuration weaknesses rather than relying only on individual software flaws.

Integrated strategies

Organisations that treat cloud security as a stand-alone task risk creating blind spots, Daniel said.

As cloud adoption expands, businesses need connected visibility across identity, endpoint and network activity, he argued.

"What this underscores is that cloud security cannot be approached in isolation, but instead needs to form part of a broader and more integrated strategy that brings together visibility across identity, endpoint and network activity, alongside continuous verification of access to critical systems, with a zero trust model playing a central role in ensuring that every request is assessed in real time regardless of where it originates."

Companies that view the cloud as a fixed perimeter rather than a dynamic extension of their environment risk misunderstanding where threats now emerge, he said.

"The organisations that will stay ahead are those that recognise the cloud is no longer a defined boundary and instead focus on securing the pathways into it," Daniel said.

Beyond traditional playbooks

Rath said many measures commonly promoted for cloud protection now sit within a broader transformation in how security operates.

"World Cloud Security Day is a day that often surfaces familiar advice: strengthen identity and access management, adopt Zero Trust and build layered security. While these are all important, many of the suggestions we hear today are stuck in a scenario that no longer exists," Rath said.

He pointed to artificial intelligence, citizen development, software supply chain complexity and quantum computing as forces increasing both the scale and speed of risk.

"Technologies and trends such as AI, the rise of citizen developers, increasing complexity in software supply chains, and quantum computing are fundamentally reshaping the scale and speed of cyber risk," Rath said.

Security controls must now adjust automatically as conditions change and as software is built and deployed, he said.

"Security must now be automated, adaptive, and deeply integrated into how organisations build and operate. This means moving towards a 'no excuses, no exceptions, no manual management' approach to security, where protection is built in by default, and defining a new shared responsibility for managing threats across all players in the ecosystem," Rath said.

AI in defence

AI has become both a source of new threats and a tool for defenders, according to Cloudflare's field CISO.

"It also means using AI as a central defence tool. Organisations can use it to identify vulnerabilities in code, detect anomalous behaviour that traditional tools miss, or gain better visibility across increasingly complex environments, including software supply chains," Rath said.

He said organisations must maintain a dual focus: addressing current issues such as identity and data protection while preparing for longer-term shifts such as post-quantum cryptography.

"And while we need to focus on these immediate threats, we cannot ignore what's coming next, with quantum computing and its potential to break today's encryption standards," Rath said.

Rath added that many foundational practices still hold value despite the pace of change.

"All that said, we also don't need to panic. AI hasn't changed the target of attackers, and many of the best practices we hear every year still serve us well today. Most of us are already on the right path. We just need to continue the security transformation process, focusing strongly on sensitive data and identities," Rath said.
Related stories
Databricks appoints Davinia Simon as ANZ public lead
Cloudflare flags surge in major internet outages worldwide
Agiloft launches free Astra AI for contract analysis
Ping Identity warns of AI agent authorisation risks
SAS launches AI supply chain agent in industry push

Top stories

Australian mid-sized firms gain from AI, but skills lag
NCS unveils AI partnerships for public safety in APAC
Fortinet report finds boards resist cyber hiring push
SCX joins Equinix Fabric in Australian AI expansion
AI advances are reshaping cyber risk, experts warn