The Public Cloud has a shared risk and responsibility model between the customer and the CSP on a sliding scale depending on the type of service being used. Responsibility: end-to-end versus shared responsibility Not only technologically but also culturally. The cloud fundamentally changes both the playing field and the rules of the game when it comes to security. Cloud Security versus On-Premises Security: The Key Differences I’ll explore some of these key differences before exploring the ramifications for the CISO. The introduction of public cloud has brought about not only a big technological shift but also a cultural one with the adoption of modern development techniques that make these old security postures and attitudes untenable. It certainly is not a good place to be as it will stifle innovation and change: two of the greatest benefits the public cloud can bring to an organisation. Security as Siloed Afterthought: traditional IT development has held security at arm’s length, an external body that needs to approve designs and sign off for production readiness at the end of the development lifecycle.The Ivory Tower Effect: IT security has traditionally been a specialised area, well paid, lots of power and operating under a veil of mystery as to what is allowed and what is not.I remember having a standoff with an IT Security Manager who told me the security requirements for a solution I was designing were on a “need to know basis!”ĭoes this sound familiar? Do your engineering teams see the CISO and the security team as a blocker? Over the years I have heard IT security referred to as the Department of NO. In this blog, I will discuss the key differences between the old world of security and the new world of cloud security and how CISOs can move from being a blocker to an enabler so they can take advantage of the public cloud! The CISO as ‘Blocker’ We often see disappointing and frustrating outcomes! The CISO and the security function becomes a blocker to the agility and innovation of the public cloud, rather than an enabler. What happens when old world thinking and behaviours are applied to the new world? But only if they bring their security with them on the journey!īut the pace of change in the new world can feel unsettling, so it is not uncommon for CISOs and security teams to want to stick to older models and to double down on familiar ways of working. The cloud is the biggest enabler in a generation and is a massive opportunity for enterprises to start innovating at speed and scale. The revolution of the public cloud has irrevocably changed the role of the CISO in the modern enterprise.
#What is t3 security enabler how to
Olivier Subramanian 11 August 2020 Cloud Security and the Modern CISO: How to Move from Blocker to Enabler
0 kommentar(er)
