Security teams depend on cloud logs for visibility, but legitimate logging and export controls can be twisted into a concealment layer if an intruder has the right permissions.