{"id":16359,"date":"2019-09-19T08:00:24","date_gmt":"2019-09-19T16:00:24","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2019\/09\/19\/news-10100\/"},"modified":"2019-09-19T08:00:24","modified_gmt":"2019-09-19T16:00:24","slug":"news-10100","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/09\/19\/news-10100\/","title":{"rendered":"Beyond The Standard CISO Cloud Security Guide"},"content":{"rendered":"

Credit to Author: Ed Cabrera (Chief Cybersecurity Officer)| Date: Thu, 19 Sep 2019 13:53:11 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Verizon<\/a> recently released a 5 step process for evaluating cloud security products and services to inform purchase decisions. That\u2019s a fantastic tool for buyers to have.<\/p>\n

This is especially helpful because cloud discussions are almost always driven by business objectives to satisfy a cost and or productivity problem. The CISO has to come in and secure the pieces after the migration decision is made.<\/p>\n

The overall direction, as well as the point in migration at which the CISO is brought in, both impact how cloud security products and services are approached.<\/p>\n

Assess the Need<\/strong><\/p>\n

The main focus of the assessment phase needs to be about understanding what data, applications and services are being moved to the cloud. This will determine the requirements for security.<\/p>\n

Verizon points out that the migration itself is just half the security battle, as many security products can\u2019t provide workload visibility once everything lives in the cloud.<\/p>\n

Fortunately, Trend Micro<\/a> can help with that. Regardless of how your cloud environment is structured, we help with visibility across physical, virtual, cloud, and container environments.<\/p>\n

If you\u2019re a CISO moving forward in the steps to cloud security, as outlined by Verizon, there are a few additional things I recommend keeping in mind.<\/p>\n

How will you protect against misconfigurations?<\/strong><\/p>\n

Cloud security is dependent on the people owning the workloads. We know that the ration of security practitioner to IT to employee is incredibly disproportionate. This leads to the #1 cause of cloud information leaks we\u2019ve seen so far \u2013 misconfigurations.<\/p>\n

How will your security tools fit into a DevOps culture?<\/strong><\/p>\n

The shift to DevOps has become part of cloud migrations. Everything operates faster and more fluidly than with legacy setups. An effective security solution can seamlessly operate across the entire CI\/CD pipeline and runtime environment \u2013 not to slow down the process, but to maintain security as the process moves forward.<\/p>\n

Security doesn\u2019t need to be a cloud roadblock. It should be an enabler. Verizon tees up the cloud security conversation with the foundation for considering cloud security solutions. But don\u2019t settle for a security product that slows down or limits the benefits of the cloud.<\/p>\n

The post Beyond The Standard CISO Cloud Security Guide<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Ed Cabrera (Chief Cybersecurity Officer)| Date: Thu, 19 Sep 2019 13:53:11 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Verizon recently released a 5 step process for evaluating cloud security products and services to inform purchase decisions. That\u2019s a fantastic tool for buyers to have. This is especially helpful because cloud discussions are almost always driven by business objectives to satisfy a cost and or productivity problem. The CISO has to come in and…<\/p>\n

The post Beyond The Standard CISO Cloud Security Guide<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[11142,11728,11146,714],"class_list":["post-16359","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-ciso","tag-cloud","tag-cloud-security","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16359","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=16359"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16359\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=16359"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=16359"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=16359"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}