Sign up to save your podcasts
Or
Share Hybrid Cloud
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Hybrid Cloud
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-hybrid-cloud/)
The consistency of your security program becomes a challenge once you introduce the cloud. Controls and visibility are not necessarily transferable. How do you maintain the control you want in a hybrid environment?
Check out this post for the basis for our conversation on this week’s episode which features me, special guest co-host Taylor Lehmann (@BostonCyberGuy), vp, CISO, athenahealth, and our sponsored guest, Chris Meenan (@chris_meenan), director, offering management and strategy, IBM Security.
Chris Meenan, director, offering management and strategy, IBM Security, David Spark, producer, CISO Series, Taylor Lehmann, vp, CISO, athenahealth.
Thanks to this week's podcast sponsor, IBM Security.
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force research, provides security solutions to help organizations stop threats, prove compliance, and grow securely. IBM operates one of the broadest and deepest security research, development and delivery organizations. It monitors more than two trillion events per month in more than 130 countries and holds more than 3,000 security patents.
On this episode of Defense in Depth, you’ll learn:
- Moving to the cloud, like any other technology initiative, is a business decision.
- What controls are you ceding over to the cloud provider? What service level agreements (SLAs) and performance measurements do you have for the provider?
- Be realistic about what’s going to be done if a service provider violates the SLA. You’re not going to all of a sudden dump the provider. You’re going to put some types of corrections in place. Make sure you know what those are and how that can be handled, realistically.
- Understand your shared responsibility in the cloud. According to a report by FireMon on hybrid cloud use and adoption, about one-third do not fully understand the shared responsibility model of the cloud.
- Start slow. While you may need to go with multiple cloud providers to fill distribution and requirements, begin with one and learn from that experience.
- Use cloud adoption as an excuse to join forces with your privacy team to understand where data is being placed and what control you have over it.
- Cloud providers are not interchangeable like a utility. Cloud providers are chosen based on the services they offer.
View all episodes
By David Spark, Steve Zalewski, Geoff Belknap
4.8
7373 ratings
All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-hybrid-cloud/)
The consistency of your security program becomes a challenge once you introduce the cloud. Controls and visibility are not necessarily transferable. How do you maintain the control you want in a hybrid environment?
Check out this post for the basis for our conversation on this week’s episode which features me, special guest co-host Taylor Lehmann (@BostonCyberGuy), vp, CISO, athenahealth, and our sponsored guest, Chris Meenan (@chris_meenan), director, offering management and strategy, IBM Security.
Chris Meenan, director, offering management and strategy, IBM Security, David Spark, producer, CISO Series, Taylor Lehmann, vp, CISO, athenahealth.
Thanks to this week's podcast sponsor, IBM Security.
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force research, provides security solutions to help organizations stop threats, prove compliance, and grow securely. IBM operates one of the broadest and deepest security research, development and delivery organizations. It monitors more than two trillion events per month in more than 130 countries and holds more than 3,000 security patents.
On this episode of Defense in Depth, you’ll learn:
- Moving to the cloud, like any other technology initiative, is a business decision.
- What controls are you ceding over to the cloud provider? What service level agreements (SLAs) and performance measurements do you have for the provider?
- Be realistic about what’s going to be done if a service provider violates the SLA. You’re not going to all of a sudden dump the provider. You’re going to put some types of corrections in place. Make sure you know what those are and how that can be handled, realistically.
- Understand your shared responsibility in the cloud. According to a report by FireMon on hybrid cloud use and adoption, about one-third do not fully understand the shared responsibility model of the cloud.
- Start slow. While you may need to go with multiple cloud providers to fill distribution and requirements, begin with one and learn from that experience.
- Use cloud adoption as an excuse to join forces with your privacy team to understand where data is being placed and what control you have over it.
- Cloud providers are not interchangeable like a utility. Cloud providers are chosen based on the services they offer.
More shows like Defense in Depth
View all
Security Now (Audio)
1,979 Listeners
Risky Business
365 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
626 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
366 Listeners
Hacked
183 Listeners
CyberWire Daily
1,009 Listeners
Smashing Security
312 Listeners
Click Here
413 Listeners
Darknet Diaries
7,879 Listeners
Cybersecurity Today
166 Listeners
CISO Series Podcast
189 Listeners
Hacking Humans
314 Listeners
Cyber Security Headlines
127 Listeners
Risky Bulletin
43 Listeners
Hacker And The Fed
167 Listeners