As we’ve gradually moved toward more cloud-based infrastructure and deployments over the past decade, there’s been a growing perception that we’ve got a good handle on what types of operations and security the cloud providers will manage and what we, as security professionals, have to manage and maintain ourselves. Unfortunately, many organizations haven’t completely understood that the security responsibility models proposed by the cloud providers weren’t really written for security teams. They’re business proposals intended to get organizations comfortable with putting assets into the cloud. So, is everything you know about cloud security wrong? Probably not, but there’s much more nuance to cloud security than you may realize.