Forem: Saleem Yousaf

Why Infrastructure as Code Security Can’t Be Ignored

Saleem Yousaf — Thu, 14 May 2026 10:07:48 +0000

Infrastructure as Code (IaC) has changed cloud engineering forever.
But insecure IaC means insecure cloud environments at scale.
A single misconfigured template can deploy:

• Public storage buckets
• Weak IAM policies
• Exposed databases
• Unencrypted resources
Secure IaC should include:

✅ Security scanning in CI/CD
✅ Policy as Code
✅ Least privilege templates
✅ Version control and approvals
✅ Automated compliance validation

Security should be embedded before deployment — not after.
Secure infrastructure starts in the code.

Written by Saleem Yousaf

Cloud & Cyber Security Architect

Connect with me:

Why Encryption Still Matters in Modern Cloud Security

Saleem Yousaf — Thu, 14 May 2026 10:06:36 +0000

Encryption is one of the oldest security controls.
And still one of the most important.
In modern cloud environments, encryption protects:

• Customer data
• AI training datasets
• API secrets
• Backups and storage
• Sensitive communications

But encryption alone is not enough.
Key management matters just as much.

Organisations should focus on:

✅ Customer-managed keys (CMKs)
✅ Hardware Security Modules (HSMs)
✅ Key rotation policies
✅ Encryption in transit and at rest
✅ Strict access control for cryptographic keys

Encryption is not just compliance.
It is foundational trust for digital systems.

Written by Saleem Yousaf

Cloud & Cyber Security Architect

Connect with me:

Why Cloud Security Architecture Matters More Than Ever

Saleem Yousaf — Thu, 14 May 2026 10:03:59 +0000

Cloud adoption has transformed how organisations operate.
But many environments are still built faster than they are secured.
Common cloud security gaps:

• Overly permissive IAM roles
• Public storage exposure
• Weak network segmentation
• Lack of monitoring and governance
A secure cloud architecture should include:

✅ Least privilege access
✅ Private networking
✅ Encryption by default
✅ Centralised logging and monitoring
✅ Infrastructure as Code security validation

Cloud security is no longer optional.
It is now a core business requirement.

Written by Saleem Yousaf

Cloud & Cyber Security Architect

Connect with me:

AI Security Isn’t About Models It’s About Trust and Governance

Saleem Yousaf — Thu, 14 May 2026 09:29:24 +0000

Most organisations are focusing on AI models, prompts, and tooling.
But the real AI security risk sits elsewhere:
• Untrusted data
• Weak architecture
• Lack of governance
AI systems are only as trustworthy as the data and controls behind them.
Without governance:
• Sensitive data can leak through AI responses
• Prompt injection attacks become possible
• RAG pipelines can expose confidential information
• AI outputs become unreliable
Secure AI starts with:
✅ Trusted data ingestion
✅ Strong identity controls
✅ Secure cloud architecture
✅ Governance aligned to business risk
AI security is not just about protecting models.
It’s about protecting trust.

Written by Saleem Yousaf

Cloud & Cyber Security Architect

Connect with me:

Broken vs Governed RAG Pipelines

Saleem Yousaf — Tue, 12 May 2026 09:57:18 +0000

The Security Architecture Problem Nobody Talks About
Most AI security conversations focus on the LLM.
But in enterprise environments, the bigger issue is usually the pipeline feeding the model.

That pipeline is commonly a Retrieval-Augmented Generation (RAG) architecture.
And many of them are fundamentally insecure.

The Typical Broken RAG Pipeline
A lot of AI implementations look like this:
User Upload
↓
Embedding Pipeline
↓
Vector Database
↓
LLM / AI Application
The issue?
There is often:
• No malware scanning
• No governance validation
• No quarantine process
• No classification
• No trust enforcement
• No monitoring
The AI system simply trusts all uploaded data.
That creates risk.

Why This Is Dangerous

AI Poisoning
Attackers can upload manipulated content that influences retrieval results.
Prompt Injection Persistence
Malicious instructions may persist inside embeddings.
Sensitive Data Exposure
Improperly governed documents can become retrievable.
Compliance Risk
Unclassified or regulated data may enter AI systems without controls.
No Auditability

Many organisations cannot answer:
• What data entered the pipeline?
• Was it validated?
• Was malware detected?
• Who retrieved the content?

What a Governed RAG Pipeline Looks Like
A governed architecture introduces trust controls before data reaches embeddings.
Example:
Upload
↓
Untrusted Landing Zone
↓
Malware Scanning
↓
Classification & Validation
↓
Clean / Quarantine Separation
↓
Approved Embedding Pipeline
↓
Private Vector Store
↓
Private AI Access
This creates architectural trust boundaries.

AWS Example Architecture
A secure AWS-native implementation may include:
• Amazon S3 landing buckets
• GuardDuty Malware Protection for S3
• EventBridge automation
• Lambda validation workflows
• Quarantine buckets
• Amazon Bedrock private endpoints
• IAM least privilege
• CloudTrail and Security Hub monitoring
This transforms AI security from reactive to governed.

Why This Matters
AI adoption is accelerating faster than AI governance.
That means many organisations are deploying AI systems without:
• Security architecture
• Data governance
• Operational controls
• Monitoring visibility
The result is growing AI risk exposure.

Final Thought
The model is not the primary trust boundary.
The architecture is.

If your ingestion pipeline is insecure, your AI system is insecure.
Secure AI starts before the prompt.

Saleem Yousaf #aws #ai #security #cybersecurity #rag #llm #cloud #devops

Written by Saleem Yousaf

Cloud & Cyber Security Architect

Connect with me:

OT Network Segmentation: The Foundation of Industrial Cybersecurity by Saleem Yousaf

Saleem Yousaf — Tue, 12 May 2026 09:54:08 +0000

Most OT cyber incidents become major business disruptions because attackers can move laterally between systems.

That usually happens because segmentation is weak.
Modern manufacturing environments often connect:

• ERP systems
• SCADA platforms
• PLCs
• Cloud services
• Remote vendors
• Engineering workstations
• Industrial IoT devices
Without proper segmentation, a compromise in IT can quickly spread into operational environments.

What Modern OT Segmentation Should Include
IT / OT Separation
Enterprise IT should never have unrestricted access into OT networks.
Use:
• Firewalls
• Industrial DMZs
• Controlled routing
• Secure jump servers

Micro-Segmentation
Inside OT environments, segment:
• SCADA systems
• PLC zones
• Safety controllers
• Robotics networks
• Engineering workstations
This limits lateral movement.

Identity Security
Segmentation must work alongside:
• MFA
• PAM
• Least privilege
• Vendor access controls

OT Visibility
You cannot secure what you cannot see.
Use:
• Passive monitoring
• Asset discovery
• Traffic analysis
• OT-aware IDS tools

Final Thought
OT security is no longer just perimeter security.

Modern industrial environments require layered segmentation, identity-aware access, and continuous monitoring.
Because when attackers move freely, production stops.

Written by Saleem Yousaf

Cloud & Cyber Security Architect

Why Manufacturing Cybersecurity Must Move to Secure-by-Design - Insights by Saleem Yousaf

Saleem Yousaf — Tue, 12 May 2026 09:52:19 +0000

Manufacturing organisations are rapidly digitising operations to improve automation, efficiency, and global connectivity.
However, many industrial environments were never originally designed with cybersecurity in mind.

Operational Technology (OT) environments still commonly contain legacy systems, shared privileged accounts, flat network architectures, and insecure remote access pathways.

This creates a major challenge for modern manufacturers.
A single compromised privileged identity can allow attackers to move from corporate IT systems into operational environments responsible for production.

The consequences are severe:
• Production downtime
• Delayed customer orders
• Financial loss
• Safety concerns
• Supply chain disruption
• Reputational damage

Secure-by-design changes the approach entirely.
Instead of adding security after deployment, organisations embed cybersecurity directly into operational architecture.

This includes:
Identity-Centric Security
• PAM
• MFA
• Least privilege
• Tiered administration
• Just-in-Time access

OT Network Segmentation
• Industrial DMZs
• Restricted trust boundaries
• Firewall zoning
• Controlled remote access

Visibility & Monitoring
• OT-aware monitoring
• Industrial anomaly detection
• Centralised logging
• Asset discovery

Recovery & Resilience
• Immutable backups
• OT recovery testing
• Incident response playbooks
• Business continuity planning

Cybersecurity in manufacturing is no longer just about protecting systems.
It is about protecting operations.
Secure-by-design is becoming one of the most important strategies for modern industrial resilience.

Written by Saleem Yousaf

Cloud & Cyber Security Architect

Saleem Yousaf insight: Understanding MITRE ATT&CK and MITRE ATLAS for Modern Cloud Security

Saleem Yousaf — Tue, 12 May 2026 09:48:09 +0000

Security isn’t just about firewalls anymore.
Modern attacks target:
• Cloud identities
• SaaS apps
• APIs
• Containers
• AI systems
• Hybrid infrastructure

To defend properly, security teams need visibility into how attackers actually operate.

That’s why MITRE ATT&CK and MITRE ATLAS matter.
MITRE ATT&CK
MITRE ATT&CK is a framework that maps:
• Tactics
• Techniques
• Procedures (TTPs)

Based on real-world attacks.

Examples include:
• Credential Access
• Lateral Movement
• Privilege Escalation
• Defense Evasion

Teams use ATT&CK for:
• Detection engineering
• Threat hunting
• SOC operations
• Purple teaming
• Security testing

MITRE ATLAS

MITRE ATLAS extends this concept into:

• AI security
• Cloud telemetry
• Detection mapping
• Security controls

ATLAS helps connect:
Technique → Telemetry → Detection → Mitigation
This is incredibly useful for:

• AWS
• Azure
• Microsoft 365
• SaaS platforms
• Identity systems

Why Engineers Should Care

Using ATT&CK + ATLAS helps:
• Validate detections
• Identify monitoring gaps
• Improve threat visibility
• Reduce alert fatigue
• Prioritise security investments

Final Thoughts
Security teams that understand attacker behaviour build stronger defenses.
Threat-informed security is becoming a core engineering discipline — especially in cloud-native environments.

Written by Saleem Yousaf

Cloud & Cyber Security Architect

https://www.saleemyousaf.co.uk

Azure Disaster Recovery Architecture for Enterprise Hybrid Cloud - by Saleem Yousaf

Saleem Yousaf — Tue, 12 May 2026 09:46:30 +0000

Modern enterprise DR in Azure must support:
• Same-region failover
• Cross-region failover
• Hybrid cloud continuity
• PaaS and IaaS recovery
Key Azure DR Components
Same Region
• Availability Zones
• Zone-redundant SQL
• ZRS Storage
Multi Region
• Azure Site Recovery
• Front Door
• Traffic Manager
• Geo-replication
Hybrid
• ExpressRoute failover
• VPN backup
• Active Directory replication

Azure Storage Replication
Choosing the correct storage replication model is critical.
Type DR Capability
LRS None
ZRS Zone
GRS Regional
RA-GZRS Enterprise DR

SQL Disaster Recovery
Recommended enterprise SQL controls:
• Auto Failover Groups
• Geo-replication
• Zone redundancy
• Backup retention

DR Testing Matters
Recommended cadence:
• Monthly restore testing
• Quarterly failover testing
• Annual enterprise DR simulation

Final Thoughts
Cloud DR is now part of enterprise architecture, security and operations.
The focus should be:
• Automation
• Repeatability
• Testing
• Security preservation

Written by Saleem Yousaf

Cloud & Cyber Security Architect

Securing OT Environments: Network Segmentation and IDMZ (Real-World Approach) | Saleem Yousaf

Saleem Yousaf — Tue, 05 May 2026 14:33:48 +0000

In most environments I’ve worked in, OT (Operational Technology) security isn’t weak because of missing tools it’s weak because of poor network design.

Flat networks, over-trusted zones, and lack of proper segmentation create environments where a single compromise can spread quickly.

This is where network segmentation and the Industrial DMZ (IDMZ) become critical.
The Problem with Traditional OT Networks

Many OT environments still rely on:

Flat network architecture
Implicit trust between zones
Limited monitoring
Legacy systems that are difficult to patch

This creates a scenario where:

IT compromise → OT compromise
Minimal containment → maximum impact

What is an IDMZ?

An Industrial DMZ (IDMZ) acts as a buffer between IT and OT environments.

Instead of direct communication:

IT ↔ IDMZ ↔ OT

The IDMZ typically contains:

Jump servers / bastion hosts
Patch management systems
Historians / data brokers
Security monitoring tools
Proxy services

Key principle:
No direct IT-to-OT communication

Network Segmentation (What Actually Works)

Segmentation isn’t just VLANs it’s controlled trust boundaries.

Level 1: IT Zone

Corporate systems
Internet access
User endpoints

Level 2: IDMZ

Controlled services
Strict firewall rules
Monitored access

Level 3: OT Zone

PLCs
SCADA systems
Critical infrastructure

Common Mistakes I See

Allowing direct RDP from IT to OT
Over-permissive firewall rules
No monitoring inside IDMZ
Treating IDMZ as just “another subnet”

These defeat the purpose of segmentation

Security Controls That Matter

Access Control
No direct user access to OT
Use jump hosts
Enforce MFA
Firewalling
Whitelist-only communication
Deny by default
Monitoring
Log all traffic
Monitor lateral movement
Detect anomalies
Patch Management
Stage updates through IDMZ
Never patch OT directly from IT

Real-World Design Principle, assume breach in IT

Design OT so that:

It cannot be reached directly

Movement is restricted
Activity is visible

Final Thoughts from the Author

OT security is not about adding more tools it’s about designing networks that limit impact.

A properly implemented IDMZ and segmentation strategy can significantly reduce risk and prevent lateral movement into critical systems.

Written by Saleem Yousaf

Cloud & Cyber Security Architect

👤 About the Author

Saleem Yousaf is a Cloud & Cyber Security Architect specialising in secure architecture across AWS, Azure, and enterprise environments.

saleemyousaf.co.uk