The linked “Notes on Security in 2019” was pulled together by former Chief Security Officer at Box and current partner at Andreessen Horowitz Joel de la Garza.

The whole read is interesting (and short), but this bit jumped out at me:

When the numbers are finally crunched for 2018 it’s likely that mis-configured cloud services will overtake phishing attacks as the number one source of breached personal records.

There have been a number of large breaches in the last year resulting from cloud service configuration errors — and there aren’t indications that this trend is changing.

I’m reminded of Willie Sutton being asked why he robs banks. “Because that’s where the money is”.

Same with the shift to the cloud. That’s where the data is.