Enable audit logging
It's important to have audit logging of all security-relevant actions across the entire organization. This can be used to build alerting tools or to aid in investigation in the event of a breach. Enabling and utilizing logging services within your cloud provider will help catch incidents early or understand what went wrong and what was done if not immediately caught.