Over the past few days, new information about the Lapsus$ cybercrime group has surfaced and provided fresh insights into the actual practices of cyber security adversaries. While it’s not clear exactly who they are (it’s been reported that the mastermind behind this group could be a teenager!) or what the extent of their accomplishments is, cloud security practitioners can already learn a lot about the best practices that reduce the threat from groups like Lapsus$.
You can read a lot about the activity of Lapsus$ elsewhere (most notably, we recommend the post on the Microsoft Security Blog, the post by KrebsOnSecurity, and the detailed response by Okta’s CSO about their incident), so what we’ll try to do here is outline a few quick, effective action items and lessons you can take away from this incident to improve the security posture of your cloud environment.