|
|
Change management approaches must reflect the relentless and dynamic nature of ongoing business transformations and the security challenges to ensure that approved changes are made correctly using automated real-time verification. Lack of cloud security architecture and strategy The rapid pace of change and the prevailing self-service, decentralized approach to cloud infrastructure administration hamper the ability to take technical and business considerations into account and conscious design, the report notes. Consequently, security threats in the cloud increase. However, the report also added that security considerations and risks must not be ignored for cloud efforts to be successful and secure. These issues can be compounded when multiple cloud providers are involved.
Leveraging cloud providers is certainly not new. However, the security product space continues to emerge and evolve around the cloud, says Kennedy. As examples, we saw early on cloud workload security emerge as an approach to providing common third-party security functions. Find the right combination So most security professionals looking Australia Email List at cloud security must consider what combination of standard cloud provider controls, premium cloud provider controls, and what third-party security product offerings address their specific risk profile, and sometimes that profile is different at the application level. After all, it can present a lot of complexity in the face of emerging threats, adds Kennedy.
Key findings on the lack of cloud security architecture and strategy include Enterprises must consider business objectives, risks, security threats, and legal compliance in cloud services and infrastructure design and decisions. Given the rapid pace of change and limited centralized control in cloud deployments, it is more important, not least, to develop and adhere to an infrastructure strategy and design principles. Adopters are advised to consider the vendor's fundamental due diligence and security assessment practices. That is, they must be complemented with secure design and integration to prevent the kinds of systemic failures that occurred in SolarWinds, Kaseya, and Bonobos breaches.
|
|
发表于 2023-7-23 18:18:31