In the crosshairs: Securing cloud workloads with bespoke solutions
With regulations like DORA, third-party risk gains new consequences.
Regulations that make third-party risk management and operational resilience paramount to staying secure (and fine-free, that is) could finally prove to be the straw that breaks the cyber defense camel’s back, especially if IT managers aren’t ready to commit.
Mind you, they likely weren’t before, which is why acts like the EU’s Digital Operational Resilience Act (DORA) are such a burden now. With the regulation placing a strong emphasis on operational resilience, including third-party risk management (meaning cloud service providers, for example), banks, insurers, investment firms, and others are now looking down the compliance barrel and thinking, “Am I covered?”
Key points of this article:
· Approaching new productivity heights with cloud solutions doesn’t mean that there aren’t measurable risks involved.
· Public cloud-enabled solutions like Virtual Machines are not vulnerability-free, with related layers like cloud-based identity services also not lagging behind on the risk front.
· Seeing this and more, regulators are clamping down hard on third-party risk, issuing regulations like DORA to set a baseline standard of resilience as well as responsibility for financial actors and some of their providers.
· Firms are caught between a rock and a hard place, with advanced attackers on the move, while observant regulators stand ready to penalize any compromised response. Midmarket companies in particular have a lot to lose.
· The solution? To make cloud workload protection simple, effective, and accessible by extending baseline security with all its bells and whistles (optimized view, seamless management) to the cloud.
· ESET Cloud Workload Protection (ECWP) is a natural extension to endpoint security, bringing trusted expertise beyond endpoints for an easier time defending against the evolving threat landscape.
Cloudy with the chance of a data breach
We’ve covered the Digital Operational Resilience Act (DORA) on the ESET Blog before; it really is a unique piece of legislation meant to shepherd financial actors toward a better baseline security posture. It also emphasizes responsibility, wherein it’s not only a firm, but also leadership that can be found liable in case of noncompliance.
That’s rather nice, isn’t it? Of course, it’s not as simple as it sounds. The requirements are rather stringent, particularly in third-party risk management, saying that the contract initiator takes responsibility for assessing and monitoring the resilience of their vendors.
In other words, if you’re running virtual machines in a public cloud environment, and your service gets exploited, it’s you who’s liable for possibly exposing sensitive data running on those exploited VMs.
You might think that it’s unlikely to happen. Sadly though, there have been real cases of ransomware actors leveraging critical virtualization vulnerabilities, as well as a major breach of Oracle Cloud’s SSO and LDAP systems in 2025 that resulted in the exfiltration of 6 million records from over 140,000 tenants. While the latter didn’t affect VMs, it was a compromise affecting the identity layer used by VM tenants, putting downstream customers at risk.
And this might be just the tip of the iceberg.
Global cloud adoption surging
People are moving beyond endpoints, and security must follow. Companies, especially those in a midmarket position (imagine, let’s say, a smaller investment bank serving mid-sized firms) and MSPs have both been steadily adopting cloud services (like VMs) to enhance their productivity. Reportedly, around 69% of businesses in 2025 used public cloud infrastructure of some kind as their primary environment, with AWS (30%), Azure (20%), and GCP (13%) comprising about 63% of the overall global public cloud market.
These numbers are staggering, and it can be assumed that these rates will increase. However, so will attempts at exploiting cloud environments. As many as 44% of organizations have experienced a cloud data breach, with the average cost amounting to a striking $5.17 million per incident — the highest among all environment types. The same source also states that around 32% of breaches resulted in fines.
Why this high number? The reality is that cloud workloads are dynamic, distributed, and often invisible to traditional security tools. Thus, attackers target these, and with increasing sophistication. If you had one misconfigured workload exposing sensitive customer data, the fallout would be swift, and very costly.
Oh, DORA!
Let’s park at those costs for a second. Remember how we mentioned third-party risk management being a major staple of the DORA regulation? The regulation applies to any financial entity with a foothold in an EU country, and noncompliance is penalized by up to 2% of a firm’s total annual global turnover or €10 million (whichever is higher). In the case of an individual (such as a firm’s business leader), the fine is up to €1 million.
Due to these rules even a bank from the UK or US with an office in any EU nation must be compliant. No exceptions.
Third-party IT service providers aren’t omitted here, as those deemed critical by the European Supervisory Authorities can face fines of up to €5 million (or up to 1% of their annual global turnover), or €500,000 for an individual.
So, if your investment firm’s cloud SaaS fails, it’s not just the firm that could be found culpable.
Scaling security with your cloud
So, how do you address cloud woes for DORA? As companies are often juggling workloads across on-prem and cloud (like Amazon Web Services, Azure, or the Google Cloud Platform), they tend to create security gaps. Also, apparently only 23% of organizations report full visibility into their cloud environments, which is troubling, to say the least, especially when regulations demand transparency.
A single compromised VM, be it through stolen credentials, misconfigurations, or unpatched services, can quickly escalate into a cross-environment incident. Of note here would be VM escape attacks, in which attackers make programs break out of their VMs to interact with the host OS — demonstrated recently via some VMware ESXi zero-days.
Clearly, this calls for a rethinking of risk management. Organizations require runtime protection to block such exploits, auto-isolating problematic VMs, while also sharing telemetry for rapid containment. All this without spending excessive amounts on more proprietary security solutions.
Hence, scaling is the answer here. One policy, across an entire environment, without adding complexity, and all the while shining a light on often invisible cloud workloads. That’s the name of the game.
Say hello to ESET Cloud Workload Protection
Companies with low security expertise, smaller security teams, or those preferring to set and forget their solutions need not worry about throwing a wrench into their established security postures. Complex resilience need not be complicated.
ESET is known for offering lightweight solutions that, through a combination of multiple distinct security layers, act as a whole, flexibly addressing security issues from basic malware installs to more advanced ransomware attacks through a combination of smart coding, automation, and a lot of work behind the scenes figuring out how best to protect our clients from the latest threats. Don’t believe us? Just check the number of ESET Threat Intelligence feeds and reports on offer. All that data and more is inspected and dissected regularly to empower our threat detection engines.
When we consider all the previously mentioned troubles, from the nasty cloud threat landscape to the regulations demanding an iron grip on resilience, it’s obvious that going at it alone, without changing one’s ways, is not advisable.
Therefore, to face this reality, ESET is moving beyond endpoints with its new ESET Cloud Workload Protection (ECWP) module to protect virtual machines in public cloud environments, ingesting cloud VM data into ESET PROTECT’s XDR, significantly enriching telemetry for detection and response while consolidating security management across endpoint and cloud environments inside a single pane of glass.
The main benefit is in gaining protection from another potent threat vector, while also landing a way to regularly validate controls and generate audit evidence for regulatory frameworks such as NIST, CIS, HIPAA, PCI DSS… so not just DORA, either.
Not just another line on your security receipt
In a major blow to competitors who usually have separate offerings for cloud workload protection, we offer protection of VMs as part of our regular subscription tiers starting from ESET PROTECT Advanced to cover even the smallest of businesses. More protection at the same price.
ECWP enhances ESET’s cloud security portfolio, currently composed of productivity apps protection (ESET Cloud Office Security), and we are determined to deliver more cloud security offerings soon.
Clear skies
Irreversibly, cloud has become another exponential driver of threat exposure. Its risks are often understated, but recent events suggest that that’s about to change. Company leadership might become worried that their baseline postures are compromised, one way or another, and that resilience is just a joke when there’s always a new threat on the horizon.
This couldn’t be further from the truth. Answering novel threats with preventive measures in earnest and taking on the expertise of tried and tested security vendors could prove to make just the right amount of difference.