"The core of cloud security is securing visibility through integrated security management across infrastructure, applications, databases, and development and operations environments."

Wi Soo-young (위수영), head of the HALO unit in charge of the security business at AI and cloud company MegazoneCloud, stressed this point at a security seminar held on Tuesday afternoon at Josun Palace in Seoul. "As AI spreads and multicloud environments accelerate, the attack surface is expanding significantly, and attacks through new paths are also increasing rapidly," he said.

At a seminar hosted by MegazoneCloud and global cloud security company Wiz, which invited chief security officers from major companies under the theme "Why do security chiefs worry more after a security diagnosis?", Wi said security chiefs are placed in a situation where they must interpret and judge fragmented diagnostic results such as vulnerability lists, misconfigurations and permission information rather than the overall risk structure.

"If you cannot secure visibility by tying this information into a single structure, it is difficult to decide what items should be addressed first," he said. He stressed the need for a system that moves away from simply accumulating diagnostic results and instead evaluates "risks with a high likelihood of actual attack" by bundling multiple sources of information, then determines "what to fix first" and carries through to remediation based on the results.

He added that MegazoneCloud ANR (Assessment & Remediation) connects judgment and execution in a single flow, allowing organisations to reduce risk starting from the most dangerous points even with limited staff and time.

Wiz Chief Executive and Chief Operating Officer Dali Rajic (달리 라직), who also spoke, said that in cloud environments, information such as vulnerabilities, misconfigurations, permissions and network exposure is provided separately, making it difficult to connect and judge what is riskier and to set response priorities. For that reason, he said, it is hard to assess real risk based only on a partial list of vulnerabilities, and it is important to understand how these factors connect and can lead to actual attacks.

Zhihao Tan (지하오 탄), a Wiz solutions engineer who gave the final presentation, demonstrated through an intuitive demo what security staff should look at first amid numerous alerts and diagnostic results in a real cloud environment.

MegazoneCloud Chief Executive Dong-hoon Yeom (염동훈) said the seminar was arranged to consider together where security chiefs should place their judgment criteria in cloud security environments. He said the company would continue discussions that can provide practical help for customers' security operations and decision-making through collaboration with Wiz.

MegazoneCloud and Wiz plan to continue expanding efforts to share insights and pursue technical collaboration with security leaders, after signing a partnership to strengthen cloud security on Tuesday morning and holding a joint seminar in the afternoon.