Many organizations rely on default security offerings from their cloud providers, which are often provided as do-it-yourself toolkits and guidelines, leaving the actual configuration to the user. A shared responsibility model dictates that cloud providers are responsible for the security ‘of’ the cloud, and organizations are. responsible for security ‘in’ the cloud. The challenge grows more complex when most organizations are working in multiple cloud environments. 93% of organizations are operating with a multi-cloud strategy, utilizing an average of 3.4 public clouds per organization.
Source: https://www.helpnetsecurity.com/2021/06/16/cloud-shared-responsibility-model/