There has been an unprecedented acceleration in the shift to the cloud as a result of the COVID-19 pandemic. McKinsey experts estimate companies have moved to the cloud “24 times faster [...] than they thought” over the past two years. As organizations move quickly to scale, drive innovation, and revamp the way they engage with their consumers by moving to the public cloud, there is an increasing need for a security strategy that aligns with the varied states of organizations' maturity in their usage and adoption of the cloud.
Modern cloud environments are complex and require multiple areas of focus, including security, application modernization, reduction of infrastructure overhead, accelerating software delivery, maintaining compliance, and countless more. All of these are critical to realizing the end goals of cloud adoption: increased speed, flexibility, and performance. Rapid cloud adoption without the appropriate visibility and automated security controls will lead to imminent exposure and vulnerability.
Whose responsibility is cloud security?
When it comes to cloud environments, security and compliance are a shared responsibility between the cloud service provider (CSP) and the customer’s internal security team. In the typical shared responsibility model, cloud providers are responsible for the security OF the cloud. This essentially means they are on the hook to make sure the actual underlying resources you’re using – such as a storage bucket or a compute instance – or the physical hardware sitting in their data centers aren’t a security threat.
So, if the provider is responsible for security of the cloud itself, what falls to the customer? Customers are responsible for security IN the cloud, meaning they are responsible for making sure their own data – and the ..
Support the originator by clicking the read the rest link below.
