Public S3 buckets are still the #1 cause of cloud data exposure. It's 2026. Why haven't we solved this?
15% of cloud breaches per the DBIR are still misconfigs. Public S3 buckets, open DB snapshots, overprivileged service accounts. Same three things we've been talking about since 2019.
CSPM tools exist. Block public access settings exist. The fix is literally a checkbox in most cases. So why are orgs still getting breached this way?
I’ve started to think it’s not a tool problem. It’s an ownership problem. Nobody wakes up in the morning thinking "I own the S3 bucket security posture." It’s everyone’s problem, which means it’s nobody’s.
So, who owns cloud storage security at your org? For those who solved this, what did it? Org structure change, policy automation, something else? Thanks all!!