Three takeaways from Cloud Security Alliance Summit

Security in the cloud: an evolution and revolution, and identity is still the new perimeter.

Having attended the Cloud Security Alliance Summit at the RSA Conference in past years, I was looking forward to this year’s packed agenda of topics by a distinguished list of speakers. This year’s event did not disappoint.

The CSA Summit delivered on bringing together industry experts and cloud providers to discuss the most pressing challenges and insights surrounding cloud security. The explosive rise of ransomware and IoT security were certainly among the most discussed concerns, in addition to these three takeaways:

1. Security in the cloud is both an evolution and a revolution

The question of whether security in the cloud is an evolution or a revolution was a frequent one at the CSA Summit. Many of the challenges we need to address in the cloud are the same as those found in on-premises environments (IAM, data protection, application security, encryption, etc.), but the way we need to address them may require different revolutionary approaches.

The shift left discussion taking place in the DevSecOps seminar was not isolated to that room. CSA Summit attendees agreed that DevSecOps processes and tools will be part of the revolution needed for streamlined cloud security.

2. Cloud security is built for change

The rapid pace of change and new attack vectors requires constant innovation in security. The cloud delivery model aligns well with that. Protecting the cloud requires ongoing investments in security technologies, but the flexibility of the cloud model enables faster innovation and simplifies change.

3. Identity is still the new perimeter

It’s no surprise that while security professionals need to stay on top of the evolving threat landscape, they still recognize the need to get identity and access management right to manage their risk. Most breaches continue to be related to compromised or breached credentials and moving workloads to the cloud will not change that.

We know there is much work to do to protect against the ever expanding attack surface. However, despite continued concerns around cloud security, the enterprise move to cloud provides a unique opportunity for security professionals. It’s a limited time opportunity for us to empower this cloud transformation and be part of its inception. Witnessing the beginnings of a major technology shift is uncommon and sets the stage for our success for many years to come. Embrace the opportunity!

 


Hadeel Dabbagh is director in the CA Technologies Security business . She is responsible for…

Comments

rewrite

Insights from the app driven world
Subscribe Now >
RECOMMENDED
Managing a DevOps Transition >A Meeting of (Artificial) Minds >Corporate Finance Gets API Makeover >