Developing an Effective Cloud Security Strategy: Guidance for Public Sector CIOs

You’ve finally done it! You’ve migrated to the cloud and your agency is poised to reap all the benefits that come with a move to the cloud – agility, cost savings, and economies of scale. But what about your security strategy?

According to cloud security expert Lauren Burnell, building a comprehensive cloud security strategy is often left off the to-do list during a migration. “While some security features are baked into the cloud, is it the level of security that your agency – and its assets – require?” she posed in a recent conversation.

While public cloud is more secure than a traditional data center in many respects because a layer of security is built-in from the cloud provider, assets on the public cloud are still being breached. In fact, according to research by FireEye Mandiant, 15 percent of all its incident response work involves assets housed in a public cloud.

So, if they cloud is more secure, why is it still getting hacked?

For Burnell, one of the biggest reasons is that people don’t understand the cloud shared security model. “While cloud service providers are addressing some of organizations’ traditional security pain-points, securing data is the cloud customer’s responsibility.” she noted. “Cloud computing brings new challenges and an increased need for situational awareness. Organizations need to have visibility and centralized security across their cloud and hybrid infrastructure.” Chief among these new challenges are shadow IT, ephemeral assets, and the fact that the public cloud itself broadens the attack surface available to hackers.

However, Burnell encourages public sector CIOs not to use these security concerns as reasons to shy away from migrating to the cloud. Instead she urges these IT leaders to “embrace the cloud, but to also embrace a comprehensive cloud security strategy.”

To help guide public sector CIOs in addressing cloud security challenges, Burnell will be discussing the key steps to building a comprehensive cloud security strategy in a webinar on Wednesday, November 14th 2018 at 2PM (EST). From the critical role that analytics play in detecting cloud compromises to the essential elements of a cloud security strategy, Burnell is ready to share her insights and expertise to help public sector CIOs navigate this complex topic.