In recent years, the layer of defense approach has been adopted in various corporations. However, cyberattacks still occur as a result of data breaches and critical infrastructure intrusion. Due to the pandemic crisis, more and more organizations accelerated the Cloud adoption plan to increase corporations’ capacities without investing in hardware and physical facilities. Nevertheless, most organizations still use the same approach as traditional on-premise infrastructure to implement security controls on the Cloud. This session will provide attendees with an overview of the trend and modern technologies that could compromise various Cloud services and infrastructure. Additionally, illustrate how to utilize PCI DSS as a foundation to define what to do for implementing a threat-driven approach on the Cloud, which can eventually identify and fix the weaknesses as well as detect the attacks for securing the services and resources in your cloud environment from cyber-attacks.