1. Security Considered Too Late

One of the most significant challenges is security being considered too late when the architecture is already established. At that point, teams are frequently scrambling to retrofit controls into systems never built with security as a consideration. A better approach is to adopt a secure-by-design mindset from the outset, alongside functionality and performance.

2. Overly Permissive Access (IAM)

Cloud environments frequently operate with overly broad access permissions, typically done for convenience or speed during early development stages. With increased permissions comes heightened risk. Implementing least privilege access from day one ensures users and services only have access to what they require and nothing more. If a workload is compromised, the blast radius is contained.
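As an added illustration, not code from the article, here is the kind of check an IaC policy gate could run before an IAM policy is deployed: it flags Allow statements that grant wildcard actions (such as `*` or `s3:*`) or apply to every resource (`*`), and treats the combination as equivalent to full administrator access. The two policy documents are constructed samples.

```python
import json

# Constructed sample policies (not from the article). The first is the
# "convenience" pattern that grants everything; the second is scoped to the
# two actions and the one prefix a workload actually needs.
OVERLY_PERMISSIVE = """{
  "Version": "2012-10-17",
  "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]
}"""

LEAST_PRIVILEGE = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["s3:GetObject", "s3:PutObject"],
    "Resource": "arn:aws:s3:::example-app-bucket/uploads/*"
  }]
}"""


def _as_list(value):
    """IAM accepts a string or a list for Action/Resource; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def find_wildcard_grants(policy):
    """Return one finding per Allow statement that uses a wildcard action
    ("*" or "service:*") or a wildcard resource ("*"). A statement with both
    is flagged as full_admin, the AdministratorAccess-equivalent case."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements narrow access; they are not a finding
        actions = _as_list(stmt.get("Action"))
        resources = _as_list(stmt.get("Resource"))
        wild_actions = [a for a in actions if a == "*" or a.endswith(":*")]
        wild_resources = [r for r in resources if r == "*"]
        if wild_actions or wild_resources:
            findings.append({
                "statement": idx,
                "wildcard_actions": wild_actions,
                "wildcard_resources": wild_resources,
                "full_admin": bool(wild_actions) and bool(wild_resources),
            })
    return findings


def policy_gate(policy_json):
    """Pipeline gate: True only when the policy document has no wildcard
    grants, so a merge or deployment can be blocked otherwise."""
    return not find_wildcard_grants(json.loads(policy_json))
```

Run `policy_gate` over every policy document in the repository as part of the pull-request checks, so the blast radius is limited before the role ever exists.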

[Infographic: Top 5 Cloud Security Mistakes — and How to Fix Them. Panels: 1. Security Too Late (fix: threat model before first commit); 2. Over-Permissive IAM (fix: least-privilege IAM, IAM Access Analyser); 3. No Segmentation (fix: subnet tiers, NACLs and network firewall); 4. No Logging (fix: Security Hub, GuardDuty and CloudTrail); 5. No Threat Model (fix: STRIDE early, BAS validation). Footer: IaC policy gates, CSPM, BAS continuous validation, threat modelling at sprint zero.]

3. Lack of Clear Network Segmentation

Flat network design is a common problem where workloads are not properly segmented. This enables lateral movement of threats from system to system if one component is compromised. Applying patterns like segmented VPCs, controlled routing, and central inspection limits exposure and increases overall resilience.

4. Insufficient Logging and Monitoring

In many environments logging is enabled but not properly configured: logs are not centralised, not reviewed, or not tied to any alerting mechanism. Without that observation, threats are harder to identify and respond to. Centralised logging with telemetry and alerting gives visibility into what is happening in the environment. Reduce the noise and focus on security and audit logs for meaningful signal.

5. Not Using Threat Modelling Early

One of the best ways to drive better security outcomes is through early threat modelling. Techniques such as STRIDE at the design level help identify possible risks before systems are built and deployed. This enables teams to be proactive in designing controls instead of reactive after the fact. Threat models should be revisited as the architecture evolves, not treated as a one-time artefact.

The organisations that succeed treat security as part of design, not an afterthought. If you get the fundamentals right early across identity, network design, monitoring, and threat modelling, it makes a significant difference to long-term risk reduction.