What’s the #1 focus of your cloud security strategy?

Strategy & Architecture Cloud Security & GRC+6 more

1.6k views2 Comments

Sort By:

Oldest

SVP in Finance (non-banking)3 years ago

Right now I'm driving everyone to focus on implementation of basic controls, as I call them, that gives you the best thing for everybody, and to ensure there’s governance around it. Then over time, hopefully you navigate to cybersecurity maturity and reduce your likelihood of being attacked by making sure you put the right controls in place.

That's not the answer that people like to hear because it's not sexy, it’s boring—there's no AI or ML mentioned. But there's an opportunity right now to get that to the baseline. After that, when you have it, then you can then leverage technology to be the force multiplier. What I don't want happening right now is that people put AI/ML on a crappy foundation. That will just keep telling you that you have a crappy system over and over again. I don't need a notification every day telling me something's bad if I already know it's bad. But that's where people are wasting a lot of time.

So where’s the balance? I think it will be a scale of maturity. You protect your infrastructure, identity, boundaries, and you make sure those are all well connected. From a cyber perspective, you have tight control over what goes in and out of those parameters. And then you can start worrying about some of the loopholes that all these cloud apps are creating in terms of bypassing those boundaries.

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

Peer Discussions and Polls
One-Minute Insights
Connect with like-minded individuals

Sr. Director of Enterprise Security in Software3 years ago

Best practice is one of the main areas I'm still focused on. I had to call out bad practices in our own internal process like, "This didn't hit us but here's a bad practice. Here's how we should have done this." It’s reinforcing what a best practice should be. Because I can buy AI all day long and it'll theoretically do some amazing things, but it doesn't help at all if I'm still embedding API keys in source code or something.

Content you might like

If you have had a negative experience with a vendor (without naming the vendor), what did you learn from it?

Financial Management Vendor Management

VP of Global IT and Cybersecurity in Manufacturing6 years ago

Have clear business requirements up front, make sure the proposal includes items such as scope, timeline, cost, resources.

What is your primary deciding factor in adopting enterprise search?

Strategy & Architecture Cloud End-User Services & Collaboration+26 more

TCO19%

Pricing26%

Integrations21%

Alignment with Cloud Provider7%

Security10%

Alignment with Existing IT Skills4%

Product / Feature Set7%

Vendor Relationship / Reputation

Other (comment)

View Results

5.7k views3 Upvotes1 Comment

We are a large manufacturing company with over 17,000 associates, about half of whom have company-provided cell phones. We average two lost devices per week, which seems low, but executive management is concerned and wants to know if our numbers are typical compared to other companies. My questions are: 1. Do other companies also struggle with lost or stolen devices? 2. What is the average number of lost devices per week? 3. Are there repercussions for associates who lose devices due to carelessness or negligence?

Mobile Device Management (MDM)Mobile Devices Security+2 more

VP of IT in Retail3 days ago

My previous organization implemented a strict one-strike policy for lost or damaged devices. While the first incident was considered an accident, repeat offenders were required to reimburse the company for the lost or damaged ...read more

82 views1 Comment